docker icon indicating copy to clipboard operation
docker copied to clipboard
verified publisher icon wger-project

CSRF TOKEN ISSUE 403

Open Ahson-Shaikh opened this issue 9 months ago • 3 comments

Hi - I'm trying to use your software wger and when my reverse proxy reaches to it, it gives 403 with CSRF token. I have also tried giving it the env for it as I have seen that in many issues in your projects, but still no luck. Have you guys fixed it or still working on it. Let me know the solution please.

Docker Image: wger/demo Env: CSRF_TRUSTED_ORIGINS=https://$(PRIMARY_DOMAIN)

With another docker image, it works, but it does not load the CSS and other details of the panel.

Docker Image: wger/server:latest Env: CSRF_TRUSTED_ORIGINS=https://$(PRIMARY_DOMAIN)

Image

Ahson-Shaikh avatar Mar 11 '25 23:03 Ahson-Shaikh

Hi! yes, the demo image is just to quickly start it and test the application. If you want to use it, you need to use server. How are you starting it?

rolandgeider avatar Mar 12 '25 18:03 rolandgeider

Thanks for the support. I am just running the image @rolandgeider with env CSRF_TRUSTED_ORIGINS=https://$(PRIMARY_DOMAIN) and exposed ports to 80. Can you please guide me on this. The CSS is not loading up as you can see on the above screenshot.

Ahson-Shaikh avatar Mar 13 '25 14:03 Ahson-Shaikh

django doesn't serve static files while running on production mode (the demo has apache configured), so you need another process to do this. The docker compose setup has everything configured https://github.com/wger-project/docker

rolandgeider avatar Mar 13 '25 14:03 rolandgeider