Python POST with nested parameters and X-XSRF-TOKEN failure

I am trying to collect data from the following URL: https://muskegon.policetocitizen.com/Inmates/Catalog.

This relies on a secondary POST to https://muskegon.policetocitizen.com/api/Inmates/3 using an X-XSRF-TOKEN (which appears to be just an XSRF token, available in cookies.

When I try to include the specified parameters and this token, my code is as follows:

import requests
from urllib.parse import urlencode

r = requests.Session()
res = r.get(url)
cookies = res.cookies
cross_ref_token = res.cookies.get("XSRF-TOKEN")

 payload = {
            "FilterOptionsParameters": {
                "IntersectionSearch": "true",
                "SearchText": "",
                "Parameters": []
            },
            "IncludeCount": "true",
            "PagingOptions": {
                "SortOptions": [],
                "Take": 10,
                "Skip": 0
            }
        }

        headers = {
            "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36",
            "X-XSRF-TOKEN": cross_ref_token,
            "Content-Type": "application/json;charset=UTF-8",
            "Accept": "application/json, text/plain, */*"
        }

res = r.post(self.api_url, headers=headers, params=urlencode(payload), cookies=cookies)

Including the above, I'm still receiving a 500. Not sure if the problem is specifically failure to include the nested parameters, or another missing identifier?

Update

Is this potentially related to the nonce attribute of the content security policy?



Comments

Popular posts from this blog

Today Walkin 14th-Sept

Spring Elasticsearch Operations

Hibernate Search - Elasticsearch with JSON manipulation