Closed SEC-nux closed 5 months ago
@SEC-nux
The file/opt/petereport/app/config/petereport_config.py
contains configuration options including the trusted domains for CSRF. If you are hosting this application on an external server (meaning not localhost
), this issue will come up.
Add your domain or IP-Adress to the trusted origins csrf_trusted_origins
.
For example, if your server is running on IP: 192.168.1.127
you have to add default=[... https://192.168.1.127]
to the csrf_trusted_origins
.
@1modm A possible solution would be to dynamically update the csrf_trusted_origins
field with the current IP-Adress or/and FQDN.
@Moneysac90 you can do it yourself creating in your OS host the config file variable assigned to csrf_trusted_origins
:
I haven't checked but something similar to this example should works:
PETEREPORT_DJANGO_CSRF_TRUSTED_ORIGINS="https://$(hostname -I | cut -f1 -d' ')"
Thanks
How to solve the 403 error when logging in! The following error message is displayed
Forbidden (403) CSRF verification failed. Request aborted.
More information is available with DEBUG=True.