Failed to make localhost POST call using mail manager (play framework 2.6)
It's so strange that I tested my application controller methods on localhost: 9000 using postman, for my GET api methods I have no problematic access and response, but for POST api methods im getting:
play.filters.CSRF - [CSRF] Check failed because token headers not found
never took this message ...
I have the simplest controller:
def invoiceQA(): Action[JsValue] = Action.async(parse.json) { request =>
Future{Ok(Json.toJson("""{"message": "got your json"}"""))}
}
my route:
POST /update controllers.MyController.update
in the postman receiving 403 is prohibited.
Postman address:
http://localhost:9000/update
does anyone know why this is so.?
+4
source to share
2 answers
If you look at the Play ScalaCsrf Docs , the CSRF filter is configured and validation is performed if any of the conditions are given:
- The request method is not GET, HEAD, or OPTIONS.
- The request has one or more Cookie or Authorization headers.
- The CORS filter is not configured to trust the origin of requests.
If you don't want to use CSRF protection at all, you can simply disable the filter by adding the following configuration (more info in the Play Filters Docs :
play.filters.disabled+=play.filters.csrf.CSRFFilter
+3
source to share