将CSRF令牌传递给requests.post()

时间:2014-08-19 12:46:12

标签: python post csrf python-requests

我看过这篇文章 - Passing csrftoken with python Requests

我一直在努力让它适用于温室。我正在尝试构建一个可以自动创建配置文件的脚本。

我可以使用GET和Cookie获取数据,但我想我已经陷入了X-CSRF的困境。我为Mozilla下载了Live HTTP头插件以获取CSRF令牌,但我不确定如何传递它。

到目前为止我所拥有的:

csrf = 'some_csrf_token'
cookie = 'some_cookie_id'
data = dict('person_first_name'='Morgan') ## this is submitting my name on the form
url = 'https://app.greenhouse.io/people/new?hiring_plan_id=24047'  ##submission form page
headers = {'Cookie':cookie}

r = requests.post(url, data=data, headers=headers)

有什么想法我应该如何构建我的request.post?

1 个答案:

答案 0 :(得分:0)

如果您希望请求为您处理Cookie,则应设置会话。

session = requests.session()
logindata = {'authenticity_token': 'whatevertokenis', 
    'user[email]': 'your@loginemail.com', 
    'user[password]': 'yourpassword',
    'user[remember_me]': '0'}    
login = session.post('https://app.greenhouse.io/users/sign_in', data=logindata) #this should log in in, i don't have an account there to test.
data = dict('person_first_name'='Morgan')
url = 'https://app.greenhouse.io/people/new?hiring_plan_id=24047'
r = session.post(url, data=data) #unless you need to set a user agent or referrer address you may not need the header to be added.