Forbidden (CSRF cookie not set.): /graphql

jaydenwindle / django-graphql-playground

Apollo GraphQL Playground as a Django view

MIT License

13 stars 3 forks source link

Forbidden (CSRF cookie not set.): /graphql #6

Open OlafHaalstra opened 4 years ago

OlafHaalstra commented 4 years ago

Thanks for your great work! I have a question concerning CRSF.

In my app/app/urls.py I have the following pattern:

urlpatterns = [
    path('admin/', admin.site.urls),
    path('graphql', GraphQLView.as_view(graphiql=True)),
    path('playground', GraphQLPlaygroundView.as_view(endpoint="/graphql")),
]

I could of course add a crsf_exempt, however this is not the intended solution. Any ideas?

Bipasori commented 3 years ago

https://github.com/graphql-python/graphene-django/issues/61

Setting csrf_exempt at urls.py, it works well. Hope this help.