Issue #3906
Updated by dkliban@redhat.com over 6 years ago
Pulp's REST API validates that only acceptable fields are submitted with each request. The list of fields does not include the csrf token. As a result of this validation, the browsable API forms produce responses that look like this: <pre> HTTP 400 Bad Request Allow: GET, POST, HEAD, OPTIONS Content-Type: application/json Vary: Accept { "csrfmiddlewaretoken": [ "Unexpected field" ] } </pre> We need to investigate how to configure DRF to stop including this field with each form. Otherwise a fix from comment 3 would be appropriate. [0] https://github.com/pulp/pulp/blob/e61cf39444f2f26624a01b0a6782ed95e2114441/pulpcore/pulpcore/app/settings.py#L82 [1] https://github.com/encode/django-rest-framework/pull/6113