Issue #3906
Updated by dkliban@redhat.com over 5 years ago
Pulp's REST API validates that only acceptable fields are submitted with each request. The list of fields does not include the csrf token. As a result of this validation, the browsable API forms produce responses that look like this: <pre> HTTP 400 Bad Request Allow: GET, POST, HEAD, OPTIONS Content-Type: application/json Vary: Accept { "csrfmiddlewaretoken": [ "Unexpected field" ] } </pre> We This is caused by the csrf middleware enabled here[0]. Pulp does not need to investigate how to configure DRF to stop including this field with each form. Otherwise we will need to update the validation algorithm. feature at this time. The middleware should be removed. [0] https://github.com/pulp/pulp/blob/e61cf39444f2f26624a01b0a6782ed95e2114441/pulpcore/pulpcore/app/settings.py#L82
.