0

I have a Django REST API running on Nginx + Gunicorn on my server (an AWS instance) and I'm trying to call this API from a Chrome extension using Ajax. I can't make it work. The API itself seems to work fine – I can make a similar request with cURL and it works fine. However, when I try to do it from the extension, I'm getting 400 error. There is no authentication at the moment, both the website from which I'm calling and the Django app run on https (at first I thought this might be a problem), I added both of them to permissions in manifest.json. My call (from background.js) looks like this:

$.ajax({
    type: "POST",
    crossDomain: true,
    cache: false,
    url: 'https://**************/',
    data: JSON.stringify(collectedData),
    success: function(data, textStatus, xhr) {
        collectedData = [];
        server_response = xhr.status;
    },
    error: function(xhr, textStatus, error) {
        server_response = xhr.status;
    },
    dataType: "json"
}).always(function(){
    sendResponse({ status: server_response });
});

I'm running out of ideas. What am I doing wrong?

machaerus
  • 749
  • 1
  • 6
  • 20
  • 1
    Is the view receiving the post data marked as `@csrf_exempt`? Otherwise you will have to post the `csrfmiddlewaretoken`. Maybe also a [same origin policy](https://stackoverflow.com/a/4613640/1011272) issue? Not sure... – Vitor Freitas Feb 16 '18 at 15:04
  • What is the output of `console.log(error);` in the error callback of your request? – YPCrumble Feb 16 '18 at 16:05
  • @VitorFreitas Can you elaborate a bit on `@csrf_exempt` and `csrfmiddlewaretoken`? I'm not doing it, but also not sure how I could use it. @YPCrumble it's just "Bad request" – machaerus Feb 18 '18 at 11:45

0 Answers0