Upload File API - 403 Forbidden
-
Thank's you for your response @baris
Where I found the
csrf_token
? -
Thank you @baris
Can you help me, how to get cookie from Javascript ?
We send GET /api/config and after we can't access to cookie for the requesst ? -
@clementneveu if you're using fetch API, you can get cookies from the headers:
const res = await fetch(`${url}/api/config`); const cookies = res.headers.get("set-cookie");
But all you'll get from there is the session id.
You can get the csrf token from the response body (parsing it as JSON):
const config = await res.json(); const csrf_token = config.csrf_token
-
To get the
csrf_token
with the config api, no problem for me !But the request failed when I try to uplaod example :
var myHeaders = new Headers(); myHeaders.append("x-csrf-token", "905c19cde3c0a03e76bed59be221c1803b45d8...XXX"); myHeaders.append("Authorization", "Bearer 3e0ae6ca...XXX"); var formdata = new FormData(); formdata.append("files[]", fileInput.files[0], "icon.png"); var requestOptions = { method: 'POST', headers: myHeaders, body: formdata, redirect: 'follow' }; fetch("https://XXX.com/api/post/upload?_uid=53", requestOptions) .then(response => response.text()) .then(result => console.log(result)) .catch(error => console.log('error', error));
I have
403 Forbidden
error. -
@clementneveu what do you see in the server side? Any errors emitted?
-
I have this error:
2023-08-16T09:41:22.719Z [8080/63648] - [31merror[39m: POST /api/post/upload invalid csrf token
-
@clementneveu said in Upload File API - 403 Forbidden:
To get the csrf_token with the config api, no problem for me !
How are you getting this token? Can you show us the code?