Project

Profile

Help

Issue #3906

Updated by dkliban@redhat.com over 6 years ago

Pulp's REST API validates that only acceptable fields are submitted with each request. The list of fields does not include the csrf token. As a result of this validation, the browsable API forms produce responses that look like this: 

 <pre> 
     HTTP 400 Bad Request 
     Allow: GET, POST, HEAD, OPTIONS 
     Content-Type: application/json 
     Vary: Accept 
     
     { 
         "csrfmiddlewaretoken": [ 
             "Unexpected field" 
         ] 
     } 

 </pre> 

 We need to investigate how to configure DRF to stop including this field with each form. Otherwise a fix from comment 3 would be appropriate.  
  

 [0] https://github.com/pulp/pulp/blob/e61cf39444f2f26624a01b0a6782ed95e2114441/pulpcore/pulpcore/app/settings.py#L82 

 [1] https://github.com/encode/django-rest-framework/pull/6113 

Back