Nabu Casa cloud

[weaseel]

I just started using nabu Casa cloud. Therefore I added the url to CSRF_TRUSTED_ORIGINS, so it looks like this: CSRF_TRUSTED_ORIGINS: >- http://homeassistant:8123, https://xxxxxxxxxxx.ui.nabu.casa/

Now when I want to start a timer, it still says I have to add the url named above to the trusted origins. I saved the config and also restarted. Read access works. But write access doesn’t. Do I have to do anything else? When using vpn it still works. But not when using nabu Casa cloud.

[OttPeterR]

I'm not a nabu casa user so I've never seen it, so far it seems like you're the first person to report this issue. Could you try a few variants of that url to see if it helps? Such as ui.nabu.casa or just nabu.casa?

@cdubz would you have any ideas what might break that CSRF parameter? There some info on how the Nabu Casa service works with HA here but the gist is "Our UI proxy servers operate at the TCP level and will forward all encrypted data to the local instance."

[weaseel]

Tried everything. With http and https and without. i even removed the other url and entered only the one from Nabu Casa. Is there a possibility for a wildcard?

to be honest: i only need it from time to time. I have a vpn to my home network so it’s no big deal for me. But for others it might be.

[cdubz]

@weaseel how exactly are you setting CSRF_TRUSTED_ORIGINS?

I just started using nabu Casa cloud. Therefore I added the url to CSRF_TRUSTED_ORIGINS, so it looks like this: CSRF_TRUSTED_ORIGINS: >- http://homeassistant:8123/, https://xxxxxxxxxxx.ui.nabu.casa/

Now when I want to start a timer, it still says I have to add the url named above to the trusted origins.

And to be clear, which URL is it saying needs to be added? The https://xxxxxxxxxxx.ui.nabu.casa/ one? Are you sure it's exactly the same URL set in CSRF_TRUSTED_ORIGINS?

[OttPeterR]

The add-on has a ui config text field that passes its value into BB's container env like this using just a simple export command. I'm getting the feeling that since it works normally and only half-works with the Nabu service that it's something with Nabu that's causing the issue... That part about it allowing read access but showing the error on write might be some issue with how the session is being passed around, but I'm quite unfamiliar with how all that works (for BB and in general)

[weaseel]

Sorry for replying so late. Yes I’m sure it is the correct URL since I copied it from the error message. @OttPeterR I think the same since read access works. There seems to be something special with Nabu Casa cloud.

[cdubz]

@weaseel one potential issue could be that the CSRF_TRUSTED_ORIGINS values should not have trailing slashes. I'm not sure off hand if this would cause a problem but try setting that value to http://homeassistant:8123,https://xxxxxxxxxxx.ui.nabu.casa instead.

[tango2590]

I've been using the BB add-on for 6 months and haven't had an issue using it through NabuCasa. My trusted URL doesn't include the last slash so I'd recommend removing it.

[trey072]

I can confirm that the suggestion by @tango2590 to remove the last slash has resolved the issue for me.

Issue started once using Nabu Casa. Thanks for resolving @tango2590

[s00500]

Hm... I still run into this issue... failing on the add child step... the csrfmiddlewaretoken is clearly sent in the headers though... tried with and without slash...

Locally I use the nginx addon...