django cloudflare csrf 403

网站套了cloudflare flare发现登录接口403了,csrf验证失败,

debug设置为False

详细报错如下:

Reason given for failure:

复制代码
    Referer checking failed - https://xxx/login does not match any trusted origins.
    

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:

  • Your browser is accepting cookies.

  • The view function passes a request to the template's render method.

  • In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.

  • If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.

  • The form has a valid CSRF token. After logging in in another browser tab or hitting the back button after a login, you may need to reload the page with the form, because the token is rotated after a login.

You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.

You can customize this page using the CSRF_FAILURE_VIEW setting.

实际是跨域问题,具体为什么cloudflare会造成跨域不知道,解决方法:

Django配置

复制代码
CSRF_TRUSTED_ORIGINS=[“网站域名.com”]
相关推荐
天水幼麟2 分钟前
python学习笔记(深度学习)
笔记·python·学习
巴里巴气4 分钟前
安装GPU版本的Pytorch
人工智能·pytorch·python
wt_cs25 分钟前
银行回单ocr api集成解析-图像文字识别-文字识别技术
开发语言·python
_WndProc1 小时前
【Python】Flask网页
开发语言·python·flask
互联网搬砖老肖1 小时前
Python 中如何使用 Conda 管理版本和创建 Django 项目
python·django·conda
测试者家园1 小时前
基于DeepSeek和crewAI构建测试用例脚本生成器
人工智能·python·测试用例·智能体·智能化测试·crewai
大模型真好玩1 小时前
准确率飙升!Graph RAG如何利用知识图谱提升RAG答案质量(四)——微软GraphRAG代码实战
人工智能·python·mcp
前端付豪1 小时前
11、打造自己的 CLI 工具:从命令行到桌面效率神器
后端·python
前端付豪1 小时前
12、用类写出更可控、更易扩展的爬虫框架🕷
后端·python
江太翁1 小时前
Pytorch torch
人工智能·pytorch·python