Django 1.9 AJAX form CSRF token 403 error - "CSRF cookie not set"
Ok, the issue is quite simple then:
Fetch API is not sending credentials by default. According to MDN:
The credentials read-only property of the Request interface indicates whether the user agent should send cookies from the other domain in the case of cross-origin requests. This is similar to XHR’s withCredentials flag, but with three available values.
Default is omit
, and it never sends cookies. You just need to add same-origin
to your fetch()
function arguments:
fetch(formUrl, { ... credentials: 'same-origin', ...})
And you'll be good to go : )