Closed bellisk closed 2 weeks ago
This is going to be a documentation/defaults update, will be added to next release.
So weirdly we "shouldn't" need this in the sense that our own production setup does not need this. I strongly suspect the issue is Nginx config related. One of our 1.0 requirements is people not touching nginx config at all (or touching it less than they do now, relative to Ourchive settings), so I'm going to be tagging this one for 1.0 review. In the meantime, I've added this use case to our troubleshooting in the admin docs.
Describe the bug I've deployed my own Ourchive instance following the steps described here, including setting up SSL using certbot and an nginx reverse proxy. POST requests to the site (e.g. creating a new user or new work) were not successful. In the logs was this error (url replaced with http://example.org):
The cause seems to be that my site url was not in the
CSRF_TRUSTED_ORIGINS
constant. After I editedourchive/ourchive_app/ourchive_app/settings.py
like so, the issue was solved.To Reproduce
Expected behavior Creating a new user, new work, etc. should succeed.
Hosting Digital Ocean droplet running Ubuntu 22.04.