Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ontask11.1, admin panel post actions got 403 denied message, we add CSRF_TRUSTED_ORIGINS in base.py , to solve the issue #267

Open
whol019 opened this issue Jul 5, 2024 · 0 comments
Open

ontask11.1, admin panel post actions got 403 denied message, we add CSRF_TRUSTED_ORIGINS in base.py , to solve the issue #267

whol019 opened this issue Jul 5, 2024 · 0 comments

Comments

@whol019
Copy link

whol019 commented Jul 5, 2024

Describe the bug
Ontask11.1
as title. we could not update user settings in admin panel. found out the log in django.log
WARNING [/var/www/html/ontask/venv/lib/python3.9/site-packages/django/utils/log.py:241] Forbidden (Origin checking failed - https://ontask.test.xxx.xxx.xxx does not match any trusted origins.): /otaontask/user/2
/change/

To Reproduce
Steps to reproduce the behavior:

  1. Go to 'admin'
  2. Click on 'users'
  3. edit any user settings and save.
  4. See error

**Solution **
add CSRF_TRUSTED_ORIGINS with our host in the settings/base.py
CSRF_TRUSTED_ORIGINS = ['https://ontask.xxx.xxx.xxx']

Not sure why we did not required it in the past, maybe webroute environment changed etc.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@whol019