kontakt@michaelbakonyi.de writes:
I have the same usecase as Krešimir and tried the example of Mark. So in mailman.cfg I set hostname to "https://lists.mydomain.org" and then fire this command
I don't recall this, and unfortunately Mark is on vacation and completely offline until mid-September, except for maybe a couple days next week.
curl -urestadmin:mypw --referer https://lists.mydomain.org --request POST -H 'Content-Type: application/json' --data-binary '{"list_id": "thelist.lists.mydomain.org", "subscriber": "user@example.net", "display_name": "Joe User", "pre_verified": true, "pre_confirmed": true, "pre_approved": true}' https://lists.mydomain.org/mailman3/postorius/lists/thelist.lists.mydomain.o...
But then I get a CSRF-warning. Do I now have to get the token and put it in my POST or is there an easier way to do this?
As far as *I* know there's no way to avoid the CSRF warning. If that means you can't get the response data you need, you will have to do the CSRF two-step.
With luck maybe Mark will see this in a few days but I think he's going to be busy preparing the 2d half of his trip.
Regards, Steve