Closed kedare closed 5 years ago
Hello.
When trying to setup Single Sign out, my IDP contact Sentry without a referer and it looks like this is the reason why it's not working, I can see this in the logs :
10:39:48 [WARNING] django.request: Forbidden (Referer checking failed - no Referer.): /saml/sls/xxx/ (status_code=403 request=<WSGIRequest: POST u'/saml/sls/xxx/'>) 10.0.0.23 - - [28/Nov/2018:10:39:48 +0000] "POST /saml/sls/xxx/ HTTP/1.0" 403 6498 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_181)"
Looks like this endpoing should have a @csrf_exempt ?
@csrf_exempt
Thanks.
Thanks for the fix :)
Thanks for the report! You're right, the csrf_exempt decorator should definitely be on there.
csrf_exempt
Hello.
When trying to setup Single Sign out, my IDP contact Sentry without a referer and it looks like this is the reason why it's not working, I can see this in the logs :
Looks like this endpoing should have a
@csrf_exempt
?Thanks.