Consuming API with REST client gives error on CSRF

qor / qor-example

An example application showcasing the QOR SDK

MIT License

1.24k stars 326 forks source link

Consuming API with REST client gives error on CSRF #82

Open sredxny opened 7 years ago

sredxny commented 7 years ago

Hi, I setted up the qor-example project in my local enviroment and everuthing is working, however when I consume the API using Postman I get Could not authorize you because 'CSRF detected' I know that there's a middleware that gives this error, but then why I can only make GET petitions?

But, if I consume the API with curl from the CLI it seems to works fine, I sent for example:

curl -i -X DELETE --url http://localhost:7000/admin/colors/1 --header 'Accept:text/xml'

muhammadn commented 7 years ago

@sredXNY http://localhost:7000/admin/colors/1 is not the correct API url.

Normally, for API consumption the URL is prefixed with /api in the URL so i cannot replicate your problem at my end.