hans
P631
I get the session cookie back in my curl cookie.jar using the first GET /login
However when I try the POST /login with my tesla login and password I don't get back a cookie for the user credentials.
What I do get back is HTML with the following CSRF meta data
<meta content="authenticity_token" name="csrf-param" />
<meta content="****A*TOKEN****" name="csrf-token" />
<meta name="csrf-token" content="****A*TOKEN****">
What I can't figure out is how to use the csrf-token for the subsequent requests using curl.
Is the cookie supposed to be called "csrf-token" or "authenticity_token" or "user_credentials"?
Are you sure this is just a cookie only and doesn't also need other HTTP header fields like X-CSRFToken?
[FONT=Helvetica, sans-serif]
[/FONT]
However when I try the POST /login with my tesla login and password I don't get back a cookie for the user credentials.
What I do get back is HTML with the following CSRF meta data
<meta content="authenticity_token" name="csrf-param" />
<meta content="****A*TOKEN****" name="csrf-token" />
<meta name="csrf-token" content="****A*TOKEN****">
What I can't figure out is how to use the csrf-token for the subsequent requests using curl.
Is the cookie supposed to be called "csrf-token" or "authenticity_token" or "user_credentials"?
Are you sure this is just a cookie only and doesn't also need other HTTP header fields like X-CSRFToken?
[FONT=Helvetica, sans-serif]
[/FONT]