{"id":17176100,"url":"https://github.com/xdynix/httpie-csrf","last_synced_at":"2025-03-24T21:41:46.952Z","repository":{"id":247752225,"uuid":"826744301","full_name":"Xdynix/httpie-csrf","owner":"Xdynix","description":"A plugin that helps HTTPie easily access CSRF-protected (especially Django-style) endpoints.","archived":false,"fork":false,"pushed_at":"2024-12-03T19:52:12.000Z","size":59,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-30T01:44:44.128Z","etag":null,"topics":["httpie"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Xdynix.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-07-10T09:40:49.000Z","updated_at":"2024-12-30T06:44:02.000Z","dependencies_parsed_at":"2024-07-10T12:06:54.693Z","dependency_job_id":"dd560888-15ce-40c0-a9a6-f2b88cdb5fd1","html_url":"https://github.com/Xdynix/httpie-csrf","commit_stats":null,"previous_names":["xdynix/httpie-csrf"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Xdynix%2Fhttpie-csrf","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Xdynix%2Fhttpie-csrf/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Xdynix%2Fhttpie-csrf/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Xdynix%2Fhttpie-csrf/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Xdynix","download_url":"https://codeload.github.com/Xdynix/httpie-csrf/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245359248,"owners_count":20602322,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["httpie"],"created_at":"2024-10-14T23:59:03.371Z","updated_at":"2025-03-24T21:41:46.920Z","avatar_url":"https://github.com/Xdynix.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# httpie-csrf\n\nA plugin that helps [HTTPie](https://httpie.io/) easily access CSRF-protected\n(especially Django-style) endpoints.\n\nIt will try to read the CSRF token from the cookie and add it to the corresponding\nheader; and set the `Referer` header for the request - these are checked by Django's\nCSRF protection.\n\n## Usage\n\nInstallation:\n\n```shell\nhttpie cli plugins install git+https://github.com/Xdynix/httpie-csrf.git\n```\n\nConfigure the settings by creating a `.env` in your working directory,\nor setting environment variables.\n\nExample:\n\n```dotenv\n# Django project default\n\n# Required. Set to the hostname you're querying.\nHTTPIE_CSRF_PREFIX=http://localhost:8000\n\n# Optional, if it's the same as Django's default.\nCSRF_COOKIE_NAME=csrftoken\n\n# Optional, if it's the same as Django's default.\nCSRF_HEADER_NAME=HTTP_X_CSRFTOKEN\n```\n\nNow you can use `http` to query your endpoint directly without being bothered by CSRF\nprotection or sacrificing the security it brings.\n\n```shell\nhttp --session=dev POST http://localhost:8000/api/login username=john password=secret\n```\n\nCaveat: You still need an HTTPie session for this to work. Make it as a default option\nin the HTTPie [config](https://httpie.io/docs/cli/config) to omit the argument.\n\nYou may also need to first make a request to an endpoint that ensures the CSRF cookie is\nprovided (such as one decorated with `ensure_csrf()`) to obtain the CSRF token.\n\n## Setting\n\nThis plugin use [`python-decouple`](https://github.com/HBNetwork/python-decouple) to\nread setting values.\n\nIt will try to read values from the following locations in order:\n\n1. `settings.ini`.\n2. `.env`.\n3. Environment variables.\n\nThe following settings can be configured:\n\n- **HTTPIE_CSRF_PREFIX**: Default: `https://example.com`. The plugin will try to add the\n  CSRF token to the request header only if the prefix of the requested URL matches this\n  value. Note that if you set this to `http://` or `https://` it will override HTTPie's\n  built-in adapters.\n- **CSRF_COOKIE_NAME**: Default: `csrftoken`. The name of cookie that holds the CSRF\n  token.\n- **CSRF_HEADER_NAME**: Default: `HTTP_X_CSRFTOKEN`. The name of the header that will be\n  used to send the CSRF token. This can be a Django-style header name (e.g.\n  `HTTP_X_FOOBAR`) or a standard header name (e.g. `X-Foobar`).\n\n## Development\n\nPrerequisite: [PDM](https://pdm-project.org/latest/)\n\nEnvironment setup: `pdm sync`\n\nRun linters: `pdm lint`\n\nTest: `pdm test`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxdynix%2Fhttpie-csrf","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxdynix%2Fhttpie-csrf","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxdynix%2Fhttpie-csrf/lists"}