Calling whitelisted API via JS?

Frappe Framework
1

I’d like to build a custom whitelisted API method that I can call via some html/javascript snippets that I put on the public website (for logged-out and logged-in users).

However, these would be POST calls and the CSRF checks prohibit calling them via javascript.

Is there any way around this?

2

In the Frappe Framework, you can mark methods as safe for public access by using the

@frappe.whitelist(allow_guest=True)

decorator. This allows the method to be called by both logged-in and logged-out users, bypassing the CSRF protection for that specific method.