How to use curl with Django, csrf tokens and POST requests

Question

I\'m using curl to test one of my Django forms. The calls I\'ve tried (with errors from each, and over multiple lines for readability):

(1):

curl
-d          


        

Answer 1

Try:

curl
 -d "email=test@test.com&a=1"
 http://127.0.0.1:8083/registrations/register/

Notice especially the format of the -d argument.

However, this probably won't work, as your view likely needs a POST request instead of a GET request. Since it will be modifying data, not just returning information.

CSRF protection is only required for 'unsafe' requests (POST, PUT, DELETE). It works by checking the 'csrftoken' cookie against either the 'csrfmiddlewaretoken' form field or the 'X-CSRFToken' http header.

So:

curl
 -X POST
 -d "email=test@test.com&a=1&csrfmiddlewaretoken={inserttoken}"
 --cookie "csrftoken=[as above]"
 http://127.0.0.1:8083/registrations/register/

It's also possible to use --header "X-CSRFToken: {token}" instead of including it in the form data.