zombie icon indicating copy to clipboard operation
zombie copied to clipboard

Published 20 hours ago verified publisher icon assaf

zombie.js isn't sending the referer header

Open juliantellez opened this issue 9 years ago • 3 comments

Referer Header

Unfortunately zombie.js isn't sending the referer header with its ajax requests which makes Django's csrf check fail through https connections. Hard-coding the referer as 'https:/mywebsite.com', will get pass Django's check; however its correct value should be the full location (window.location.href) given by the ajax request that is being made from.

juliantellez avatar Dec 24 '15 11:12 juliantellez

Hello, you can set it manually like this

browser.on('request', function (req) {
        if (browser.location) {
            req.headers.set("Referer", browser.location.href);
        }
});

sintanial avatar Jan 14 '16 11:01 sintanial

I needed to do this same workaround for when I was testing JSON-P style AJAX requests, also. Worked just fine.

uberbrady avatar Nov 01 '16 22:11 uberbrady

I think it should be done by default, as browsers have the same behavior.

steebchen avatar Sep 15 '17 13:09 steebchen