Invalid CSRF Token 'null' when running a curl command

Asked Jun 29 '16 at 19:40

Active Jun 29 '16 at 19:44

Viewed 984 times

I am trying to test a backend and mimic the request being sent by the frontend using curl.

Here is the command I am using:

curl -c cookie.txt --cookie cookie.txt -H "Content-Type:application/x-www-form-urlencoded; charset=UTF-8" -H "Authorization: Basic xxxxxxxxxx" -H "X-CSRFToken: xxxxxxxxxx"-d @data.csv -X POST http://localhost:5050/something/save

I am getting the following respond:

Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN'

I found a couple related questions here. But I am not actually using Html and JavaScript. I am trying to use curl.

edited May 23 '17 at 11:52

Community

asked Jun 29 '16 at 19:40

Shan Zhong

1

You should probably not post your base64-encoded password on SO. – TimoStaudinger Jun 29 '16 at 19:42
1

@TimoSta Thanks for the reminder!! – Shan Zhong Jun 29 '16 at 19:46
1

And change your password too because it is in edit history [here](http://stackoverflow.com/revisions/38108687/1). – SilverlightFox Jun 30 '16 at 09:41
Looks like you should be passing `X-CSRF-TOKEN` instead of `X-CSRFToken`? – SilverlightFox Jun 30 '16 at 09:43
1

@SilverlightFox Thanks a lot! I have tried using X-CSRF-TOEKN, the new error message is `Error 403 Invalid CSRF Token '6b4b9f12-8e05-41a8-8063-0772c4594a81-d' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN'.` – Shan Zhong Jun 30 '16 at 14:06

Invalid CSRF Token 'null' when running a curl command

0 Answers0