Contrib.social

X-CSRF-Token request header is invalid in localhost dev

Open on Drupal.org →
Created on 31 May 2018, about 6 years ago
Updated 23 February 2024, 4 months ago

I ran into an issue where I am getting this error message when running a REST POST request from my local dev environment.
When I first issue a POST request with or wituout X-CSRF-Token set in the header, I was able to successfully POST a content, but on my second request, I now get 403 response with this error message.

{
"message": "X-CSRF-Token request header is invalid"
}

I double checked the token and its a valid value from /rest/session/token.

My workaround but crazy steps I did just to continually do a POST request for my site development:
1. Is to change my http://localhost:8080/ URL into any IP address listed in my Active Network Connection. Im using Ubuntu.

http://192.168.254.102:8080/entity/node?_format=json
http://192.168.42.1:8080/entity/node?_format=json
http://172.17.0.1:8080/entity/node?_format=json

2. I use different REST tools, postman, insomnia, ARC, then go back to step 1.

I think this happens when I upgrade from Drupal core version 8.5.2 into 8.5.3.

🐛 Bug report
Status

Closed: works as designed

Version

10.0

Component
REST 

Last updated about 16 hours ago

Created by

🇵🇭Philippines johnreytanquinco

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

contrib.social Blog FAQ Discussions
Production build 0.69.0 2024