
CSRF verification failed. Request aborted.

Open jrvarma opened this issue 1 year ago • 3 comments

I am doing a new install of Etebase (planning to migrate my existing self-hosted Etesync 1.0 data to Etebase). I set it up using the instructions in the Readme, Basic Setup and Production Setup. I reached the point where nginx is set up to serve the website on port 8000 and communicate with etebase using web port 8001. The admin page comes up correctly, but when I enter the superuser credentials, I get the 403 error CSRF verification failed. Request aborted.

I then disabled the nginx site by deleting /etc/nginx/sites-enabled/etebase_nginx.conf and restarting nginx. I then asked uvicorn to serve the site directly on port 8000. When I do this, authentication goes through correctly, and I am presented with the site administration page. So the issue is with some interaction between the etebase_nginx.conf configuration and the etebase.ini configuration. I am not at all familiar with Django, but I understand that CSRF verification failed is related to allowed hosts, and I would think that allowed_host1 = * should cover everything. What else could be going wrong?

Any pointers on how I can debug this?

jrvarma, Oct 11 '24 07:10

@jrvarma did you try putting your real domain name in the allowed_host1 variable instead of * ? Also, do you have proxy_set_header Host $host; in the nginx configuration?

daftaupe, Oct 13 '24 08:10

@daftaupe putting my real domain name in the allowed_host1 variable did not help. And yes, I have proxy_set_header Host $host; in the nginx configuration.

jrvarma, Oct 14 '24 08:10

SOLVED

Running with debug = true showed that the actual error was not in allowed hosts but in trusted origins.

Origin checking failed xxx does not match any trusted origins

This was because I am running the server on a non-standard port. I edited the line in settings.py to include a hardcoded port:

CSRF_TRUSTED_ORIGINS = ... ["http://" + y + ":NNNN" for x, y in ...

And then it worked!

Might be a good idea to read port from the ini file instead.

jrvarma, Oct 14 '24 08:10

I had to insert the following lines into my nginx config:

proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;

as well as using the host network in docker by adding this to the docker run command: --network=host

Attention: proxy_set_header Host $host; did not work for me, only proxy_set_header Host $http_host; did.

This is probably due to me not using standard ports.

coinstore, Dec 19 '25 22:12

I had to insert the following lines into my nginx config:

proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;

as well as using the host network in docker by adding this to the docker run command: --network=host

Attention: proxy_set_header Host $http; did not work for me, only proxy_set_header Host $http_host; did

This is probably due to me not using standard ports.

Well, it's supposed to be proxy_set_header Host $host; and not proxy_set_header Host $http; so maybe that's why it wasn't working for you.

daftaupe, Dec 20 '25 19:12

Sorry, that was a typo, I have edited my message now. I retested both, $host did not work, $http_host did work.

coinstore, Dec 21 '25 13:12
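To see why both fixes reported in this thread work (the hardcoded port in CSRF_TRUSTED_ORIGINS, and Host $http_host instead of Host $host), here is an added example that is not from the issue or from Etebase: a small Python model of Django's CSRF Origin check. The hostnames, ports and scenario function names are constructed, and the https scenarios assume Django has been told to trust X-Forwarded-Proto through SECURE_PROXY_SSL_HEADER.

```python
# Added example (not Etebase code): simplified model of Django's CSRF Origin check.
# Hostnames and ports below are constructed for illustration.

def django_like_origin_ok(origin, host_header, forwarded_proto, trusted_origins):
    """Approximate Django's _origin_verified() logic.

    origin          : the browser's Origin header, e.g. "http://etebase.example:8000"
    host_header     : the Host header as it reaches Django (whatever nginx forwarded)
    forwarded_proto : X-Forwarded-Proto value, or None if nginx did not set it
                      (assumes SECURE_PROXY_SSL_HEADER is configured so Django trusts it)
    trusted_origins : the CSRF_TRUSTED_ORIGINS setting (scheme://host[:port] strings)
    """
    # Django builds the request's own origin from the scheme and request.get_host(),
    # which includes the port only if the Host header carries one.
    scheme = forwarded_proto or "http"
    request_origin = f"{scheme}://{host_header}"
    # A same-origin request passes without consulting CSRF_TRUSTED_ORIGINS at all.
    if origin == request_origin:
        return True
    # Otherwise the Origin must match a trusted origin exactly, port included.
    return origin in trusted_origins

# Constructed scenarios mirroring the thread
BROWSER_ORIGIN = "http://etebase.example:8000"        # non-standard port, as in the issue
TRUSTED_NO_PORT = ["http://etebase.example"]          # trusted origins without a port
TRUSTED_WITH_PORT = ["http://etebase.example:8000"]   # the hardcoded-port fix from settings.py

def scenario_host_strips_port():
    # nginx: proxy_set_header Host $host;  -> $host drops ":8000", so no same-origin match
    return django_like_origin_ok(BROWSER_ORIGIN, "etebase.example", "http", TRUSTED_NO_PORT)

def scenario_http_host_keeps_port():
    # nginx: proxy_set_header Host $http_host;  -> port preserved, same-origin match succeeds
    return django_like_origin_ok(BROWSER_ORIGIN, "etebase.example:8000", "http", TRUSTED_NO_PORT)

def scenario_trusted_origin_with_port():
    # $host still strips the port, but CSRF_TRUSTED_ORIGINS now lists host:port explicitly
    return django_like_origin_ok(BROWSER_ORIGIN, "etebase.example", "http", TRUSTED_WITH_PORT)

def scenario_https_missing_forwarded_proto():
    # TLS terminated at nginx but X-Forwarded-Proto not sent: Django assumes plain http,
    # so the browser's https origin is neither same-origin nor trusted
    return django_like_origin_ok("https://etebase.example:8443", "etebase.example:8443", None, TRUSTED_NO_PORT)

def scenario_https_with_forwarded_proto():
    # proxy_set_header X-Forwarded-Proto $scheme;  -> scheme and host:port both line up
    return django_like_origin_ok("https://etebase.example:8443", "etebase.example:8443", "https", TRUSTED_NO_PORT)
```

Running with debug = true, as described earlier in the thread, is still the quickest way to see which of these two checks (same-origin or trusted-origins) a real deployment is failing.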