skip to Main Content

I am using Django, DRF , docker, Nginx and AWS EC2 instance for my personal project, application is working fine when it is using HTTP , once i changed to HTTPS i am getting CSRF Verification Failed.

used {% csrf_token %} where required in html forms

in settings.py I have:

CSRF_COOKIE_SECURE = True

CSRF_TRUSTED_ORIGINS = ['http://localhost/', 'example.co.in', 'www.example.co.in']

CORS_ORIGIN_WHITELIST = ['http://localhost/', 'example.co.in', 'www.example.co.in']

Please help me in solving this issue, thank you everyone

2

Answers


  1. You need to write the "https://" in the CSRF_TRUSTED_ORIGINS and CORS_ORIGIN_WHITELIST, you have "http://" in your settings and this is why with http works but not with https.

    Login or Signup to reply.
  2. Sometimes it happens due to Nginx configuration, please check your Nginx configuration.

    If your Nginx contains following attributes especially prxy_set_header which configures headers to be sent from nginx to a proxied host.

    location / {
        proxy_pass http://IP:port;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
    }
    
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search