CsrfToken mismatch with proper token?

Need Help
1

Hii there,

I’m trying to get my app to submit something with XHR to an API my app exposes through a plugin.
Everything shows up fine in my request but I still get a token mismatch.
I’ve looked at a form on my website as well to make sure the token lines up with what said form would send and it does.

1312×723

794×84

However, somehow, the form itself can send it just fine but my XHR gets a CsrfToken mismatch…
I can’t tell it to “not use csrf” here either because it just ignores that (and I don’t want to bother the user of this plugin with manually adding it to the whitelist in his/her project).

2

how are you sending XHR request? show code, i dont see _csrfToken in POST Data in your screenshot

3

It’s in the Cookie section.
(highlighted in the first screenshot).

4

you need to send both cookie and field in post data (or header)

1 Like
5

Oh, alright, I didn’t know that.
Thanks :slight_smile:

UPDATE:
Seems to have worked :slight_smile:
Now getting a “Missing Controller” error, which is more obvious to fix :slight_smile: