What other headers should I be passing to Advanced Rest Client to be able to test a .js post action that requires login?
10,632
I finally managed to issue a correct POST request, these are the headers I've used:
Accept:*/*;q=0.5, text/javascript, application/javascript, application/ecmascript, application/x-ecmascript
Cache-Control:no-cache
Origin:http://localhost:3000
Pragma:no-cache
Referer:http://localhost:3000/user/5
X-CSRF-Token:0RVGFyjo7kdng8K3pUiX9b7TAoZwSNN8uUvm5wZuORk=
Cookie:your_cookie_here
Notice the X-CSRF-Token.
Author by
MarkD
Updated on June 04, 2022Comments
-
MarkD almost 2 years
I'm using the
Advanced Rest Client
chrome extension to test some REST operations.One action is defined as a POST member route on a
resources
entry in routes.rb . I'm passing along theCookie
header in the headers tab, and I'm also setting theAccept
header to betext/javascript, application/javascript
.No matter what, I keep getting a
302
asking me to redirect, or a401
error saying I need to login or authenticate before continuing.The action has a
before_filter :authenticate_user!
, but I imagined that if I set theCookie
header, it would just work. What am I doing wrong? -
Santhosh Nagulanchi over 8 yearsHow did you get the X-CSRF-Token ?