Issue
This Content is from Stack Overflow. Question asked by Abel Hristodor
Asking this question here because it's been a couple of days and I can't find anything useful.
Problem: I have an app deployed to a Kubernetes cluster running on AWS EKS with a custom docker image on AWS ECR. The app works fine with GET requests but not with POST ones. The error given is "Errore 403 forbidden CSRF Token not sent". Django version is 2.2.24 on DRF 3.11.2. I already added CSRF_TRUSTED_ORIGINS in settings.py, nothing changed.
The ingress I’m using is AWS’s Application Load Balancer set like this:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: django
  labels:
    name: django
  annotations:
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/backend-protocol: HTTP
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}]'
    alb.ingress.kubernetes.io/group.name: "alta"
    alb.ingress.kubernetes.io/group.order: "2"
    alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
    alb.ingress.kubernetes.io/healthcheck-port: traffic-port
    alb.ingress.kubernetes.io/healthcheck-path: /v1/app
    alb.ingress.kubernetes.io/healthcheck-interval-seconds: "15"
    alb.ingress.kubernetes.io/healthcheck-timeout-seconds: "5"
    alb.ingress.kubernetes.io/success-codes: "200"
    alb.ingress.kubernetes.io/healthy-threshold-count: "2"
    alb.ingress.kubernetes.io/unhealthy-threshold-count: "2"
spec:
  ingressClassName: alb
  rules:
    - http:
        paths:
          - pathType: Prefix
            path: /
            backend:
              service:
                name: djangoapp-cluster-ip
                port:
                  number: 80
Any help is much appreciated.
Solution
In older versions, the CSRF cookie value was masked.
Try this link.
I also think a decorator can help you.
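views.py
from django.utils.decorators import method_decorator
from django.views import View
from django.views.decorators.csrf import csrf_exempt
@method_decorator(csrf_exempt, name="dispatch")  # the exemption is read from dispatch(), not post()
class ExampleView(View): ...  # placeholder name for the view being exempted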
This Question was asked in StackOverflow by Abel Hristodor and Answered by darl1ne. It is licensed under the terms of CC BY-SA 2.5. - CC BY-SA 3.0. - CC BY-SA 4.0.
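The answer's remark about masked CSRF cookie values, shown as an added stand-alone illustration (not part of the original answer and not Django's own code). It assumes the scheme used by Django releases of the 2.2 era: a 32-character alphanumeric secret, sent as a 64-character "mask + cipher" token, so the cookie and the submitted value differ textually yet must unmask to the same secret. The function names are hypothetical.

```python
import hmac
import secrets
import string

# Assumed constants: alphanumeric alphabet, 32-char secret, 64-char masked token.
CHARS = string.ascii_letters + string.digits
SECRET_LEN = 32
TOKEN_LEN = 2 * SECRET_LEN


def mask_secret(secret: str) -> str:
    """Return mask + cipher: a fresh 64-char token that hides the 32-char secret."""
    mask = "".join(secrets.choice(CHARS) for _ in range(SECRET_LEN))
    cipher = "".join(
        CHARS[(CHARS.index(s) + CHARS.index(m)) % len(CHARS)]
        for s, m in zip(secret, mask)
    )
    return mask + cipher


def unmask_token(token: str) -> str:
    """Recover the secret from a masked token; reject malformed input."""
    if len(token) != TOKEN_LEN or any(c not in CHARS for c in token):
        raise ValueError("malformed CSRF token")
    mask, cipher = token[:SECRET_LEN], token[SECRET_LEN:]
    return "".join(
        CHARS[(CHARS.index(c) - CHARS.index(m)) % len(CHARS)]
        for c, m in zip(cipher, mask)
    )


def csrf_check(cookie_token, request_token) -> bool:
    """True only if both values are present and unmask to the same secret."""
    if not cookie_token or not request_token:
        return False  # the "token not sent" case from the question
    try:
        a, b = unmask_token(cookie_token), unmask_token(request_token)
    except ValueError:
        return False
    return hmac.compare_digest(a, b)  # constant-time comparison


if __name__ == "__main__":
    secret = "".join(secrets.choice(CHARS) for _ in range(SECRET_LEN))  # constructed sample
    cookie, header = mask_secret(secret), mask_secret(secret)
    print(cookie != header, csrf_check(cookie, header), csrf_check(cookie, None))
```

A POST that carries the cookie but no matching header or form field fails this check regardless of CSRF_TRUSTED_ORIGINS, which only affects the origin/referer validation.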