thomasw / djproxy

djproxy is a class-based generic view reverse HTTP proxy for Django.
MIT License

Passing CSRF tokens #10

Closed michelkaeser closed 9 years ago

michelkaeser commented 9 years ago

Hi

I am trying to proxy requests to an internal Nginx server which in turn proxy_passes again. At the end, there is an IPython Notebook.

The problem is that it complains about a missing CSRF cookie. Is there something special I need to set for that to work? Using the Nginx proxy directly works.

BTW: Is it also possible to proxy the websocket protocol?

Thanks!

michelkaeser commented 9 years ago

I am closing this as you state it is not good for production use and I have now solved the problem by using subrequests in Nginx for auth. (Y)

thomasw commented 9 years ago

I'm very sorry. I missed this ticket while I was on vacation.

If you're using generate_routes, you can disable CSRF protection by using csrf_exempt in the passed config: https://github.com/thomasw/djproxy/blob/ae3a219c72f5a7348270180366cbc5cc8564f481/tests/test_urls.py#L23

If you're using a standard class-based generic view that extends HttpProxy, you'll need to decorate the dispatch method:

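    from django.views.decorators.csrf import csrf_exempt
    from djproxy.views import HttpProxy

    class MyProxy(HttpProxy):
        # Mark dispatch as CSRF exempt so every request through this proxy view skips the check
        @csrf_exempt
        def dispatch(self, *args, **kwargs):
            return super(MyProxy, self).dispatch(*args, **kwargs)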

This is the general procedure for making all instances of class-based generic views CSRF exempt.

Proxying websockets would be very difficult and potentially not possible. It really depends on whether or not the Django development server supports them, which I haven't looked into yet.