0

I am attempting to script a login to a django site. I have used Chrome's Advanced REST Client to post credentials and successfully login. In theory I should be able to use jQuery to script login.

In the REST client I issued two requests:

1) GET request to retrieve a csrftoken

2) POST request with the 'csrfmiddlewaretoken' = (csrftoken from first GET)

This succeeds.

I have tried to emulate similar functionality using jQuery, however when I issue a GET via

response = $.get( 'http://site.com' )
//response.getAllResponseHeaders() does not yield a csrftoken ?

Without the csrftoken, the subsequent POST will yield a 403.

autodidacticon
  • 1,310
  • 2
  • 14
  • 33
  • see http://stackoverflow.com/questions/7203304/warning-cant-verify-csrf-token-authenticity-rails – sites May 11 '13 at 03:35
  • Don't I need to first retrieve a csrf token from the server? How is the token retrieved in the REST client? – autodidacticon May 13 '13 at 03:19
  • You could set an endpoint returning token, but seems there is not helper to return just token. – sites May 13 '13 at 05:04
  • Possible duplicate of [jQuery: setting up CSRF token for Django not working](http://stackoverflow.com/questions/11812694/jquery-setting-up-csrf-token-for-django-not-working) – Paul Sweatte Nov 22 '15 at 02:41

0 Answers0