403 forbidden

[thespamer]

I just create an AWS ec2 with safe-infrastructure with DNS already, but when I logged into my domain:

http://gnosis-test.asd.com:8000/cfg/admin/login/?next=/cfg/admin/chains/chain/add/

There is a Forbidden / CSRF verification failed. Request aborted.

There is any config for django and CSRF ?

Regards

[thespamer]

I saw on container_env_files/cfg.env: CSRF_TRUSTED_ORIGINS="http://gnosis-test.asd.com:8000"

There is another place to set my own domain?

[comverser]

I saw on container_env_files/cfg.env: CSRF_TRUSTED_ORIGINS="http://gnosis-test.asd.com:8000"

There is another place to set my own domain?

Modifying the CSRF_TRUSTED_ORIGINS parameter only in container_env_files/cfg.env worked at the URL "http://localhost:8000/cfg/admin/chains/chain/add/".

However, I am also curious if there are other locations where one should specify a custom domain.

[mhxw]

This might solve your problem. https://github.com/safe-global/safe-transaction-service/issues/1225

[comverser]

This might solve your problem. https://github.com/safe-global/safe-transaction-service/issues/1225

Hello @mhxw, I discovered newer modifications in the txs.env and ui.env files located in the container_env_files directory mentioned in the below issues. Does this imply that the issue you mentioned may not have a perfect solution?

• https://github.com/safe-global/safe-infrastructure/issues/66
• https://github.com/safe-global/safe-infrastructure/issues/64

[hectorgomezv]

Hello @thespamer, I see your test setup is not online anymore. Did you solve the issue? The CSRF_TRUSTED_ORIGINS you wrote seems OK, but maybe another part of your infrastructure (some AWS firewall/API Gateway?) was masking the Origin/Referer field so the CSRF verification didn't pass. You'd need to check the Host saw by the service matches the Origin/Referer as explained in the docs.

If you managed to solve the issue, could you close it? (and if you found where the problem was, it would be really nice if you share it 🙂)