pythondjangorestpostadvanced-rest-client

Post to Django's definition from Advanced Rest Client

Posting values from Advanced Rest client to Django's definition returns "Forbidden(403)" alert enter image description here

looks like CSRF token is missing in the header, What can be done to get rid of this issue? Below is my definition to receive the POST values

def saveToDb(request):
c = {}
c.update(csrf(request))
if request.method == 'POST':
    form = RegisterForm(request.POST)
    if form.is_valid():
        form_unique_id = form.cleaned_data['form_id']
        form_meta_data = form.cleaned_data['form_content']
        meta_data = FormMetaData.objects.create(
            form_id=form_unique_id,
            form_content=form_meta_data
        )
        meta_data.save()
        result = FormMetaData.objects.all()
    return render(request, "form_saved.html", {'result': result})

There is no issue in the definition as it works well with form input

Solution

  • Post to Django From Advanced Rest Client with CSRF Token: Set CSRF Token for the key "X-CSRFToken" in the Header Section, add the key-value pairs in the body section, Select the Content type as "application/x-www-form-urlencoded" and click the Send Button

    Post to Django from Advanced Rest Client without CSRF Token: Add the key-value pairs in the body section, Select the Content type as "application/x-www-form-urlencoded" and click the Send Button. Note: Please make sure to set "@csrf_exempt" for the definition to which you post values

    as shown below enter image description here