[SOLVED] Django Kubernetes Ingress CSRF Cookie not sent

Issue

This Content is from Stack Overflow. Question asked by Abel Hristodor

Asking this question here because it’s been a couple of days and I can’t find anything useful.

Problem: I have an app deployed to a Kubernetes cluster running on AWS EKS with a custom docker image on AWS ECR. The app works fine with GET requests but not with POST ones. The error given is Error 403 forbidden CSRF Token not sent. Django version is 2.2.24 on DRF 3.11.2. I already added CSRF_TRUSTED_ORIGINS in settings.py, nothing changed.

The ingress I’m using is AWS’s Application Load Balancer set like this:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: django
  labels:
    name: django
  annotations:
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/backend-protocol: HTTP
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}]'
    alb.ingress.kubernetes.io/group.name: "alta"
    alb.ingress.kubernetes.io/group.order: "2"
    alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
    alb.ingress.kubernetes.io/healthcheck-port: traffic-port
    alb.ingress.kubernetes.io/healthcheck-path: /v1/app
    alb.ingress.kubernetes.io/healthcheck-interval-seconds: "15"
    alb.ingress.kubernetes.io/healthcheck-timeout-seconds: "5"
    alb.ingress.kubernetes.io/success-codes: "200"
    alb.ingress.kubernetes.io/healthy-threshold-count: "2"
    alb.ingress.kubernetes.io/unhealthy-threshold-count: "2"
spec:
  ingressClassName: alb
  rules:
    - http:
        paths:
          - pathType: Prefix
            path: /
            backend:
              service:
                name: djangoapp-cluster-ip
                port:
                  number: 80

Any help is much appreciated.



Solution

In older versions, the CSRF cookie value was masked.

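Try this link.

I also think a decorator can help you.

views.py

from django.utils.decorators import method_decorator
from django.views.decorators.csrf import csrf_exempt

# Place directly above the class-based view definition
@method_decorator(csrf_exempt, name="post")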


This Question was asked in StackOverflow by Abel Hristodor and Answered by darl1ne. It is licensed under the terms of CC BY-SA 2.5. - CC BY-SA 3.0. - CC BY-SA 4.0.
