Closed matthewdevenny closed 9 months ago
+1
Installed it via docker-compose using official guide
I use Nginx (main proxy) --> Nginx (Harbor) --> Harbor
Can't configure second backup Harbor in Registries to set up replication between both servers.
Get CSRF token invalid
in logs when try to test connection from main Harbor instance
我在 2.2.1 中遇到了这个问题: {"errors":[{"code":"FORBIDDEN","message":"CSRF token invalid"}]} 我可以通过docker登录harbor,也可以通过WebUI登录harbor。 但是,当我通过 SwaggerUI 测试 API 时,我总是遇到这个问题。顺便说一下,GET 方法运行正常。
Me too
我在 2.2.1 中遇到了这个问题: {"errors":[{"code":"FORBIDDEN","message":"CSRF token invalid"}]} 我可以通过docker登录harbor,也可以通过WebUI登录harbor。 但是,当我通过 SwaggerUI 测试 API 时,我总是遇到这个问题。顺便说一下,GET 方法运行正常。
Me too
解决了么,我也遇到这个问题
我在 2.2.1 中遇到了这个问题: {"errors":[{"code":"FORBIDDEN","message":"CSRF token invalid"}]} 我可以通过docker登录harbor,也可以通过WebUI登录harbor。 但是,当我通过 SwaggerUI 测试 API 时,我总是遇到这个问题。顺便说一下,GET 方法运行正常。
Me too
我在 2.2.1 中遇到了这个问题: {"errors":[{"code":"FORBIDDEN","message":"CSRF token invalid"}]} 我可以通过docker登录harbor,也可以通过WebUI登录harbor。 但是,当我通过 SwaggerUI 测试 API 时,我总是遇到这个问题。顺便说一下,GET 方法运行正常。
Me too
解决了么,我也遇到这个问题
请问问题有解决吗?
Another "me too", using Harbor 2.9.0. The Harbor-API can only be used with the GET
method. POST
and DELETE
fail with CSRF token invalid
.
hostname
and external_url
are set correctly in harbor.yml
.
same here. Still an issue
This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.
This issue was closed because it has been stalled for 30 days with no activity. If this issue is still relevant, please re-open a new issue.
我在 2.2.1 中遇到了这个问题: {"errors":[{"code":"FORBIDDEN","message":"CSRF token invalid"}]} 我可以通过docker登录harbor,也可以通过WebUI登录harbor。 但是,当我通过 SwaggerUI 测试 API 时,我总是遇到这个问题。顺便说一下,GET 方法运行正常。
Me too
我在 2.2.1 中遇到了这个问题: {"errors":[{"code":"FORBIDDEN","message":"CSRF token invalid"}]} 我可以通过docker登录harbor,也可以通过WebUI登录harbor。 但是,当我通过 SwaggerUI 测试 API 时,我总是遇到这个问题。顺便说一下,GET 方法运行正常。
Me too
解决了么,我也遇到这个问题
请问问题有解决吗?
1、通过api /health设置Request.header("Cookie","sid="+uuid)请求 2、从Response的header可获取"X-Harbor-Csrf-Token"->#1 3、从Response的cookie可获取"_gorilla_csrf"->#2和"sid"->#3 4、生成headerMap,key->"X-Harbor-Csrf-Token",value->#1;key->"Cookie",value->"_gorilla_csrf="#2";sid="#3 5、后续API调用Request传入headerMap 6、结束
So I faced this about 6 month ago and don't remember how solved. The main thing is wrong configured helm chart. And I think that I used chart and values from the mAin branch, not from release page. When I set correct parameters on both servers it started to work. If someone interested in, I can share my helm values with you
HttpRequest.delete(requestUrl).basicAuth("admin", "pwd").disableCookie().execute().body();
Updated Harbor from 1.10.4 to 2.0.2 - using the harbor helm chart. I have Okta OIDC as my login provider. Anything that is a POST in the UI results in a CSRF token invalid message. I have SSL termination on an AWS ALB. I see this in both Safari and Chrome. No issues prior to updating to 2.0.2