Issue
This Content is from Stack Overflow. Question asked by Abel Hristodor
Asking this question here because It’s been a couple of days and I can’t find anything useful.
Problem: I have an app deployed to a Kubernetes cluster running on AWS EKS with a custom docker image on AWS ECR. The app works fine with GET requests but not with POST ones. The error given is Errore 403 forbidden CSRF Token not sent. Django version is 2.2.24 on DRF 3.11.2. I already added CSRF_TRUSTED_ORIGINS in settings.py, nothing changed.
The ingress I’m using is AWS’s Application Load Balancer set like this:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: django
labels:
name: django
annotations:
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/backend-protocol: HTTP
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}]'
alb.ingress.kubernetes.io/group.name: "alta"
alb.ingress.kubernetes.io/group.order: "2"
alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
alb.ingress.kubernetes.io/healthcheck-port: traffic-port
alb.ingress.kubernetes.io/healthcheck-path: /v1/app
alb.ingress.kubernetes.io/healthcheck-interval-seconds: "15"
alb.ingress.kubernetes.io/healthcheck-timeout-seconds: "5"
alb.ingress.kubernetes.io/success-codes: "200"
alb.ingress.kubernetes.io/healthy-threshold-count: "2"
alb.ingress.kubernetes.io/unhealthy-threshold-count: "2"
spec:
ingressClassName: alb
rules:
- http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: djangoapp-cluster-ip
port:
number: 80
Any help is much appreciated.
Solution
In older versions, the CSRF cookie value was masked.
try this link
also think decorator can help you
views.py
from django.views.decorators.csrf import csrf_exempt
@method_decorator(csrf_exempt, name="post")
This Question was asked in StackOverflow by Abel Hristodor and Answered by darl1ne It is licensed under the terms of CC BY-SA 2.5. - CC BY-SA 3.0. - CC BY-SA 4.0.