Unable to add a channel due to CSRF error
Hello, I just deployed TubeSync and it seems to be working, but when trying to add a channel, it fails, reporting the following:
Found Issue 772 and followed all the options from there without success.
What's your TUBESYNC_HOSTS set to and does it match the hostname you're accessing the site through?
Yes, tried TUBESYNC_HOSTS=tubesync.whatever.com and TUBESYNC_HOSTS=* but both failed.
How can I reproduce what you are seeing?
I think it's something to do with a reverse proxy setup. I'm seeing the same error as @edersong but it works when connecting to tubesync directly over 4848
I'm using nginx proxy manager, and have it set up like:
And when I enabled TUBESYNC_DEBUG the error I get is:
I'm also running tubesync via docker, with the following env vars (omitted TZ, PUID, and GUID as they're default values):
- DJANGO_URL_PREFIX=/tubesync/
- TUBESYNC_HOSTS=mydomain.com
- TUBESYNC_DEBUG=true
For your reverse proxy configuration, you can bypass the included nginx configuration, to access gunicorn directly.
https://github.com/meeb/tubesync/blob/8ef19a80b8fe2017640f3398b34db4be3727bf83/tubesync/tubesync/gunicorn.py#L19-L23
The CSRF code in Django is using X-Forwarded-Host and X-Forwarded-Port to perform the checks.
https://github.com/meeb/tubesync/blob/8ef19a80b8fe2017640f3398b34db4be3727bf83/tubesync/tubesync/settings.py#L151-L154
https://github.com/meeb/tubesync/blob/8ef19a80b8fe2017640f3398b34db4be3727bf83/config/root/etc/nginx/nginx.conf#L117-L136
Bypassed my proxy (traefik) and it's working fine. Tried to use port 8080, but it didn't work.
I couldn't get port 8080 to work either - but I was able to get it working through my reverse proxy by just doing:
proxy_set_header Origin "";
I wouldn't recommend doing this for anything internet facing since it kinda defeats the purpose of CSRF - but since I use all my homelab software behind a VPN anyways, it's not a huge deal to me.
As documented in the README, you must change the LISTEN_HOST for gunicorn to 0.0.0.0 to allow access to that port externally.
Once you can access 8080 directly from your proxy, then you can configure all the headers that you send appropriately to pass the CSRF checks.
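An added illustration, not part of the thread and not TubeSync's or Django's own code: a simplified Python model of the Origin comparison that Django's CSRF middleware performs, run against the proxy header combinations discussed above. Assumptions: the hostname, the header values and the two setting defaults (`use_x_forwarded_host`, `secure_proxy_ssl_header`) are constructed rather than read from TubeSync's settings.py, `trusted_origins` stands in for Django's `CSRF_TRUSTED_ORIGINS` with exact matches only, and port handling is left out.

```python
# Simplified model of the Origin comparison in Django's CsrfViewMiddleware.
# Setting values and all header values are constructed for illustration.

def expected_origin(headers, use_x_forwarded_host=True,
                    secure_proxy_ssl_header=("X-Forwarded-Proto", "https")):
    """Build the scheme://host that Django treats as its own origin."""
    if use_x_forwarded_host and "X-Forwarded-Host" in headers:
        host = headers["X-Forwarded-Host"]
    else:
        host = headers["Host"]
    name, value = secure_proxy_ssl_header
    scheme = "https" if headers.get(name) == value else "http"
    return f"{scheme}://{host}"


def origin_check(headers, trusted_origins=()):
    """Classify a POST the way the Origin stage of the CSRF check would."""
    origin = headers.get("Origin")
    if origin is None:
        # No Origin header: this stage is skipped entirely, so only the
        # Referer check (HTTPS requests only) and the CSRF token remain.
        return "skipped"
    if origin == expected_origin(headers) or origin in trusted_origins:
        return "pass"
    return "fail"


BROWSER_ORIGIN = "https://tubesync.example.com"  # constructed hostname

# Proxy forwards the upstream name as Host and adds no X-Forwarded-* headers.
bare_proxy = {"Origin": BROWSER_ORIGIN, "Host": "tubesync:4848"}
# Proxy forwards the public host but not the original scheme (TLS ends at proxy).
host_only = {"Origin": BROWSER_ORIGIN, "Host": "tubesync:4848",
             "X-Forwarded-Host": "tubesync.example.com"}
# Proxy forwards both the public host and the original scheme.
full = dict(host_only, **{"X-Forwarded-Proto": "https"})
# Proxy blanks Origin; nginx does not pass a header whose value is empty.
stripped = {k: v for k, v in full.items() if k != "Origin"}

if __name__ == "__main__":
    for label, h in [("bare", bare_proxy), ("host only", host_only),
                     ("full", full), ("origin stripped", stripped)]:
        print(f"{label:16} -> {origin_check(h)}")
    print("host only + trusted origin ->",
          origin_check(host_only, trusted_origins=(BROWSER_ORIGIN,)))
```

The "skipped" result is why blanking `Origin` at the proxy makes the error go away: the comparison never runs, which leaves the CSRF token (and, on HTTPS, the Referer check) as the only remaining protection.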