This repository was archived by the owner on Mar 2, 2025. It is now read-only.
This repository was archived by the owner on Mar 2, 2025. It is now read-only.
New post to API fails with CSRF error #57
Description
Attempting to create new posts via the api (using the examples provided) fails with cross site scripting error.
$ curl -X POST -H'Content-Type: application/json' -d'{"title": "An awsome post by me\n---\n\nfoo bar post this"}' http://codrspace.com/api/post/?username=aaronfay&api_key=<my-key>
[1] 7193
$
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<meta name="robots" content="NONE,NOARCHIVE">
<title>403 Forbidden</title>
<style type="text/css">
html * { padding:0; margin:0; }
body * { padding:10px 20px; }
body * * { padding:0; }
body { font:small sans-serif; background:#eee; }
body>div { border-bottom:1px solid #ddd; }
h1 { font-weight:normal; margin-bottom:.4em; }
h1 span { font-size:60%; color:#666; font-weight:normal; }
#info { background:#f6f6f6; }
#info ul { margin: 0.5em 4em; }
#info p, #summary p { padding-top:10px; }
#summary { background: #ffc; }
#explanation { background:#eee; border-bottom: 0px none; }
</style>
</head>
<body>
<div id="summary">
<h1>Forbidden <span>(403)</span></h1>
<p>CSRF verification failed. Request aborted.</p>
</div>
<div id="explanation">
<p><small>More information is available with DEBUG=True.</small></p>
</div>
</body>
</html>