django cloudflare csrf 403

网站套了cloudflare flare发现登录接口403了,csrf验证失败,

debug设置为False

详细报错如下:

Reason given for failure:

复制代码
    Referer checking failed - https://xxx/login does not match any trusted origins.
    

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:

  • Your browser is accepting cookies.

  • The view function passes a request to the template's render method.

  • In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.

  • If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.

  • The form has a valid CSRF token. After logging in in another browser tab or hitting the back button after a login, you may need to reload the page with the form, because the token is rotated after a login.

You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.

You can customize this page using the CSRF_FAILURE_VIEW setting.

实际是跨域问题,具体为什么cloudflare会造成跨域不知道,解决方法:

Django配置

复制代码
CSRF_TRUSTED_ORIGINS=[“网站域名.com”]
相关推荐
用户27784491049936 小时前
借助DeepSeek智能生成测试用例:从提示词到Excel表格的全流程实践
人工智能·python
JavaEdge在掘金8 小时前
ssl.SSLCertVerificationError报错解决方案
python
我不会编程5559 小时前
Python Cookbook-5.1 对字典排序
开发语言·数据结构·python
老歌老听老掉牙9 小时前
平面旋转与交线投影夹角计算
python·线性代数·平面·sympy
满怀10159 小时前
Python入门(7):模块
python
无名之逆9 小时前
Rust 开发提效神器:lombok-macros 宏库
服务器·开发语言·前端·数据库·后端·python·rust
你觉得2059 小时前
哈尔滨工业大学DeepSeek公开课:探索大模型原理、技术与应用从GPT到DeepSeek|附视频与讲义下载方法
大数据·人工智能·python·gpt·学习·机器学习·aigc
啊喜拔牙10 小时前
1. hadoop 集群的常用命令
java·大数据·开发语言·python·scala
强化生物科研小助手10 小时前
CAS:47623-98-3,DiSBAC2(3)一种慢反应的膜电位敏感探针
django·html·pygame
__lost11 小时前
Pysides6 Python3.10 Qt 画一个时钟
python·qt