如何将xsrf cookie传递给主机?

时间:2012-12-26 01:47:19

标签: python curl python-2.7 tornado

在Tornado应用中,我为

设置了设置

settings = dict(     cookie_secret = “11oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o /”,     xsrf_cookies =真,     autoescape = “xhtml_escape”, ) (从网上复制,要改变cookie_secret)我试图使用curl从命令行执行

curl -d "name=Paola&last_name=James" --header "X-CSRFToken:11oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o/" http://127.0.0.1:8000/registration

我得到了像

这样的错误 
curl: (6) Couldn't resolve host 'X-CSRFToken:11oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o'
<html><title>403: Forbidden</title><body>403: Forbidden</body></html>

如何将xsrf传递给主机?

1 个答案:

答案 0 :(得分:1)

必须在Cookie标头and in the form data OR X-CSRFToken/X-XSRFToken中传递XSRF:

curl -d "name=Paola&last_name=James&_xsrf=11oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o/" --cookie "_xsrf=11oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o/; Path=/" http://127.0.0.1:8000/registration


curl -d "name=Paola&last_name=James" --cookie "_xsrf=11oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o/; Path=/" --header "X-CSRFToken: 11oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o/" http://127.0.0.1:8000/registration
相关问题
最新问题