Closed sbatchelder closed 4 weeks ago
Hi @sbatchelder , I just tried this on my compose deployment and was not able to reproduce. I tried deleting the csrftoken
cookie while on the login page, and after reloading it was set again. Do you see the same behavior?
Partially. On the login page I delete the csrftoken cookie, i reload the page, cookie is generated, I go to login, and I get the CSRF verification 403 error again (even though the csrftoken is still there).
I was going through our changelog for 1.3.0 and came across this:
https://github.com/cvisionai/tator/pull/1608
I think with a proxied config we might need to shim something into that setting via an environment variable.
Adding our specific site url to CSRF_TRUSTED_ORIGINS
in settings.py
did the trick!
Thanks Jon!!
Saw that VAST Support was added to rc/1.3.0 yesterday (6ee01bb) Decided to try it out, and it seems to work/connect to out VAST backend properly, great.
However, if I log out of my user account, I can no longer log back in. After submitting user credentials I get hit with a
Forbidden 403
CSRF verification failed. Request aborted
error.Is this reproducible on your end?