CSRF failure on login in production

RichardWoj · April 24, 2023, 5:21pm

I 'm in the process of trying to put in place a deployment process on Azure. I have an almost empty app (no form, just display a home page).
In development environment (running on the local Django server with Debug = True), everything is ok.
But on the production server (onAzure), with DEBUG = FALSE, hhen I want to login and submit id & password I get the following message: Forbidden (403) CSRF verification failed. Request aborted.More information is available with DEBUG=True.

Has anyone a clue of what could go wrong?

Thanks

KenWhitesell · April 24, 2023, 6:54pm

See How to use Django’s CSRF protection | Django documentation | Django for details. If you think you’ve already done everything appropriately, please post the template you are using for your login page.

RichardWoj · April 25, 2023, 9:47am

Adding CSRF_TRUSTED_ORIGINS=[‘https://mysite’] in setting.py solved the issuer!