How to send csrf token in xmlHttpRequest?

Question

Using Ajax or xmlHttpRequest I want to download excel file from django backend. Backend creates file in memory and returns it to user.

According to this answer I should use for this xmlHttpRequest, but there is no info how to set csrf middleware token in post request.

I tried:

To set request.setRequestHeader like this: request.setRequestHeader('x-csrf-token, window.CSRF_TOKEN) - token is missing

and in data:

request.send({'csrfmiddlewaretoken': window.CSRF_TOKEN, 'req': 'ExportAllMessages'});

I can't find any working solution with Ajax.

https://docs.djangoproject.com/en/3.1/ref/csrf/#ajax – Willem Van Onsem Mar 19 '21 at 11:59 — Willem Van Onsem, Mar 19 '21 at 11:59

score 0 · Answer 1 · answered Mar 19 '21 at 12:10

The location of CSRF token varies between projects. Just look at the template of your page and find how it is saved. Potential locations are:

1 Answers1