I've starting implemeting Driller API yesterday. on jun 7th I've tried enpoints in Postman and successfully posted file for processing. now, when I try the same API call, I recievie this error message.
{
"detail": "CSRF Failed: CSRF token missing or incorrect."
}
I don't know what causes this, maybe that I've visited this page?
which engaged the csfr validation?
or have you just played with server config?
I'd be happy for any kind of help :)
btw this is the postman config:
0 Votes
V
Victor Ruiz posted
over 5 years ago
AdminBest Answer
Hello collabim,
Sorry for the late response, it took us a while to be able to debug this.
You are right, at visiting the Driller you got a `CSRF` token that is required to submitted batches from the web interface, and when you used Postman again, it took that cookies value from your browser and submitted as part of the API request, this is rejected by the API server as is not what it expected.
You can solve this by removing your cookies before using postman, our using any other API client that is not linked to your browser cookies.
0 Votes
2 Comments
Sorted by
V
Victor Ruizposted
over 5 years ago
AdminAnswer
Hello collabim,
Sorry for the late response, it took us a while to be able to debug this.
You are right, at visiting the Driller you got a `CSRF` token that is required to submitted batches from the web interface, and when you used Postman again, it took that cookies value from your browser and submitted as part of the API request, this is rejected by the API server as is not what it expected.
You can solve this by removing your cookies before using postman, our using any other API client that is not linked to your browser cookies.
0 Votes
c
collabimposted
over 5 years ago
I'd like to see Postman using the loophole of gaining those cookies from chromium, which are in SQLite in ~./config/chromium/Default/Cookies :D
but cookies were a great clue! The user using Postman for calling the API has to clear his Cookies before every POST :D that's quite not-genius :D
btw yes, I cleared all cookies for scrapinghub in chromium. and even after that, it was not functional until I cleared them directly in postman here
btw funny is, you validate parameters of the request before the CSRF token :D
Hey!
I've starting implemeting Driller API yesterday. on jun 7th I've tried enpoints in Postman and successfully posted file for processing. now, when I try the same API call, I recievie this error message.
{
"detail": "CSRF Failed: CSRF token missing or incorrect."
}
I don't know what causes this, maybe that I've visited this page?
which engaged the csfr validation?or have you just played with server config?
I'd be happy for any kind of help :)
btw this is the postman config:
0 Votes
Victor Ruiz posted over 5 years ago Admin Best Answer
Hello collabim,
Sorry for the late response, it took us a while to be able to debug this.
You are right, at visiting the Driller you got a `CSRF` token that is required to submitted batches from the web interface, and when you used Postman again, it took that cookies value from your browser and submitted as part of the API request, this is rejected by the API server as is not what it expected.
You can solve this by removing your cookies before using postman, our using any other API client that is not linked to your browser cookies.
0 Votes
2 Comments
Victor Ruiz posted over 5 years ago Admin Answer
Hello collabim,
Sorry for the late response, it took us a while to be able to debug this.
You are right, at visiting the Driller you got a `CSRF` token that is required to submitted batches from the web interface, and when you used Postman again, it took that cookies value from your browser and submitted as part of the API request, this is rejected by the API server as is not what it expected.
You can solve this by removing your cookies before using postman, our using any other API client that is not linked to your browser cookies.
0 Votes
collabim posted over 5 years ago
I'd like to see Postman using the loophole of gaining those cookies from chromium, which are in SQLite in ~./config/chromium/Default/Cookies :D
but cookies were a great clue! The user using Postman for calling the API has to clear his Cookies before every POST :D that's quite not-genius :D
btw yes, I cleared all cookies for scrapinghub in chromium. and even after that, it was not functional until I cleared them directly in postman here
btw funny is, you validate parameters of the request before the CSRF token :D
Thank you for your time :)
0 Votes
Login to post a comment