I've starting implemeting Driller API yesterday. on jun 7th I've tried enpoints in Postman and successfully posted file for processing. now, when I try the same API call, I recievie this error message.
{
"detail": "CSRF Failed: CSRF token missing or incorrect."
}
I don't know what causes this, maybe that I've visited this page?
which engaged the csfr validation?
or have you just played with server config?
I'd be happy for any kind of help :)
btw this is the postman config:
Best Answer
V
Victor Ruiz
said
over 5 years ago
Hello collabim,
Sorry for the late response, it took us a while to be able to debug this.
You are right, at visiting the Driller you got a `CSRF` token that is required to submitted batches from the web interface, and when you used Postman again, it took that cookies value from your browser and submitted as part of the API request, this is rejected by the API server as is not what it expected.
You can solve this by removing your cookies before using postman, our using any other API client that is not linked to your browser cookies.
Sorry for the late response, it took us a while to be able to debug this.
You are right, at visiting the Driller you got a `CSRF` token that is required to submitted batches from the web interface, and when you used Postman again, it took that cookies value from your browser and submitted as part of the API request, this is rejected by the API server as is not what it expected.
You can solve this by removing your cookies before using postman, our using any other API client that is not linked to your browser cookies.
c
collabim
said
over 5 years ago
I'd like to see Postman using the loophole of gaining those cookies from chromium, which are in SQLite in ~./config/chromium/Default/Cookies :D
but cookies were a great clue! The user using Postman for calling the API has to clear his Cookies before every POST :D that's quite not-genius :D
btw yes, I cleared all cookies for scrapinghub in chromium. and even after that, it was not functional until I cleared them directly in postman here
btw funny is, you validate parameters of the request before the CSRF token :D
collabim
Hey!
I've starting implemeting Driller API yesterday. on jun 7th I've tried enpoints in Postman and successfully posted file for processing. now, when I try the same API call, I recievie this error message.
{
"detail": "CSRF Failed: CSRF token missing or incorrect."
}
I don't know what causes this, maybe that I've visited this page?
which engaged the csfr validation?or have you just played with server config?
I'd be happy for any kind of help :)
btw this is the postman config:
Hello collabim,
Sorry for the late response, it took us a while to be able to debug this.
You are right, at visiting the Driller you got a `CSRF` token that is required to submitted batches from the web interface, and when you used Postman again, it took that cookies value from your browser and submitted as part of the API request, this is rejected by the API server as is not what it expected.
You can solve this by removing your cookies before using postman, our using any other API client that is not linked to your browser cookies.
- Oldest First
- Popular
- Newest First
Sorted by Oldest FirstVictor Ruiz
Hello collabim,
Sorry for the late response, it took us a while to be able to debug this.
You are right, at visiting the Driller you got a `CSRF` token that is required to submitted batches from the web interface, and when you used Postman again, it took that cookies value from your browser and submitted as part of the API request, this is rejected by the API server as is not what it expected.
You can solve this by removing your cookies before using postman, our using any other API client that is not linked to your browser cookies.
collabim
I'd like to see Postman using the loophole of gaining those cookies from chromium, which are in SQLite in ~./config/chromium/Default/Cookies :D
but cookies were a great clue! The user using Postman for calling the API has to clear his Cookies before every POST :D that's quite not-genius :D
btw yes, I cleared all cookies for scrapinghub in chromium. and even after that, it was not functional until I cleared them directly in postman here
btw funny is, you validate parameters of the request before the CSRF token :D
Thank you for your time :)
-
Creating collections using spider
-
new scrapping job big budget
-
Logs do not show up in Logs interface on dashboard
-
searching for webinars from specific providers
-
Always timeout when crawling Amazon.com product
-
Scrapy items from multiple URLs to a dataframe
-
Dynamic IP of spiders without crawlera
-
Unclean error
-
Doubt
See all 14 topics