I've been updating my site to a new versions of django/drf from 1.7 to
1.10/2.3 to 3.5.
Now im facing this problem, i am wondering whats causing this.
Forbidden 403 when i request to delete certain email. Post method works
thou like a charm
viewsets.py
class EmailReminderViewSet(viewsets.ModelViewSet):
queryset = EmailReminder.objects.all()
permission_classes = [permissions.AllowAny, ]
serializer_class = EmailReminderSerializer
lookup_field = 'email'
lookup_value_regex = ("@[a-zA-Z0-9_.+-]")
in angular
$http.defaults.headers.common['X-CSRFToken'] =
$cookies.csrftoken;
$http.defaults.headers.common['X-Requested-With'] =
'XMLHttpRequest';
Using defaultrouter with no basename for this viewset
But still getting 403 forbidden. Even if i input wrong email address it
wouldnt return query with item not found.
Every bit of information how to fix this would be so awesome guys, i've
spent more than 40h on this one.
I need to be able to allow both delete and post methods. Post method does
work.
Oh, i even tryed disabling middleware csrf and in that case it returned 405
method not allowed.
Site is also using SMS reminder which works for both post/delete methods.
--
You received this message because you are subscribed to the Google Groups
"Django REST framework" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
