csrf token fetch django
let data = {
'file': file,
'fileName': file.name,
};
// You have to download 3rd Cookies library
// https://docs.djangoproject.com/en/dev/ref/csrf/#ajax
let csrftoken = Cookies.get('csrftoken');
let response = fetch("/upload/", {
method: 'POST',
body: JSON.stringify(data),
headers: { "X-CSRFToken": csrftoken },
})csrf token django
Cross Site Request Forgery protection¶
The CSRF middleware and template tag provides easy-to-use protection against
Cross Site Request Forgeries. This type of attack occurs when a malicious
website contains a link, a form button or some JavaScript that is intended
to perform some action on your website, using the credentials of a logged-in
user who visits the malicious site in their browser. A related type of attack,
‘login CSRF’, where an attacking site tricks a user’s browser into logging into
a site with someone else’s credentials, is also covered.
The first defense against CSRF attacks is to ensure that GET requests
(and other ‘safe’ methods, as defined by RFC 7231#section-4.2.1) are
side effect free. Requests via ‘unsafe’ methods, such as POST, PUT,
and DELETE, can then be protected by following the steps below.Copyright © 2021 Codeinu
Forgot your account's password or having trouble logging into your Account? Don't worry, we'll help you to get back your account. Enter your email address and we'll send you a recovery link to reset your password. If you are experiencing problems resetting your password contact us
