django cloudflare csrf 403

网站套了cloudflare flare发现登录接口403了,csrf验证失败,

debug设置为False

详细报错如下:

Reason given for failure:

复制代码
    Referer checking failed - https://xxx/login does not match any trusted origins.
    

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:

  • Your browser is accepting cookies.

  • The view function passes a request to the template's render method.

  • In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.

  • If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.

  • The form has a valid CSRF token. After logging in in another browser tab or hitting the back button after a login, you may need to reload the page with the form, because the token is rotated after a login.

You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.

You can customize this page using the CSRF_FAILURE_VIEW setting.

实际是跨域问题,具体为什么cloudflare会造成跨域不知道,解决方法:

Django配置

复制代码
CSRF_TRUSTED_ORIGINS=[“网站域名.com”]
相关推荐
丕羽2 小时前
【Pytorch】基本语法
人工智能·pytorch·python
bryant_meng2 小时前
【python】Distribution
开发语言·python·分布函数·常用分布
m0_594526303 小时前
Python批量合并多个PDF
java·python·pdf
工业互联网专业3 小时前
Python毕业设计选题:基于Hadoop的租房数据分析系统的设计与实现
vue.js·hadoop·python·flask·毕业设计·源码·课程设计
钱钱钱端3 小时前
【压力测试】如何确定系统最大并发用户数?
自动化测试·软件测试·python·职场和发展·压力测试·postman
慕卿扬3 小时前
基于python的机器学习(二)—— 使用Scikit-learn库
笔记·python·学习·机器学习·scikit-learn
Json____4 小时前
python的安装环境Miniconda(Conda 命令管理依赖配置)
开发语言·python·conda·miniconda
小袁在上班4 小时前
Python 单元测试中的 Mocking 与 Stubbing:提高测试效率的关键技术
python·单元测试·log4j
白狐欧莱雅4 小时前
使用python中的pygame简单实现飞机大战游戏
经验分享·python·游戏·pygame
阿_旭4 小时前
基于YOLO11/v10/v8/v5深度学习的维修工具检测识别系统设计与实现【python源码+Pyqt5界面+数据集+训练代码】
人工智能·python·深度学习·qt·ai