How do I get a CSRF token on the client side?

slisaasquatch · February 28, 2020, 8:54pm

I just enabled the CSRF filter, and some of my POST requests are getting 403s, which is kind of to be expected. And I’m getting logs like this [CSRF] Check failed because application/json for request /somePath.

This is the doc I’m reading: https://www.playframework.com/documentation/2.8.x/JavaCsrf

I still can’t find a way of getting a token on the client side, since I’m not using play forms. Can someone help me with this?

dkichler · March 4, 2020, 10:40pm

You can have Play store the CSRF token in a cookie using the play.filters.csrf.cookie.name configuration key and then pull the token out of the cookie in your client code to be included in requests against the server.

Topic		Replies	Views
CSRF token not found in header, when it's in the POST body Play Framework	0	2099	June 14, 2019
Using Curl to process requests Play Framework	0	518	August 17, 2019
CSRF unexpected error Help Please Play Framework	0	562	December 13, 2019
CSRF unexpected error play 2.6 Play Framework	0	653	December 23, 2019
Play Session Issue Play Framework	7	1060	December 20, 2018

How do I get a CSRF token on the client side?

Related Topics