[Django] #34498: error 403 in login in django

Sat, 15 Apr 2023 08:56:36 -0700 

#34498: error 403 in login in django
-----------------------------------------+------------------------
               Reporter:  vahidzare63    |          Owner:  nobody
                   Type:  Uncategorized  |         Status:  new
              Component:  CSRF           |        Version:  4.2
               Severity:  Normal         |       Keywords:
           Triage Stage:  Unreviewed     |      Has patch:  0
    Needs documentation:  0              |    Needs tests:  0
Patch needs improvement:  0              |  Easy pickings:  0
                  UI/UX:  0              |
-----------------------------------------+------------------------
 hi
 my website error 403 in login

 Help
 Reason given for failure:

     CSRF token from POST incorrect.

 In general, this can occur when there is a genuine Cross Site Request
 Forgery, or when Django’s CSRF mechanism has not been used correctly. For
 POST forms, you need to ensure:

 Your browser is accepting cookies.
 The view function passes a request to the template’s render method.
 In the template, there is a {% csrf_token %} template tag inside each POST
 form that targets an internal URL.
 If you are not using CsrfViewMiddleware, then you must use csrf_protect on
 any views that use the csrf_token template tag, as well as those that
 accept the POST data.
 The form has a valid CSRF token. After logging in in another browser tab
 or hitting the back button after a login, you may need to reload the page
 with the form, because the token is rotated after a login.
 You’re seeing the help section of this page because you have DEBUG = True
 in your Django settings file. Change that to False, and only the initial
 error message will be displayed.

 You can customize this page using the CSRF_FAILURE_VIEW setting.

 my setting is

 ALLOWED_HOSTS = ['ov.example.ir' , 'www.ov.example.ir' ,
 'http://ov.example.ir' , 'https://ov.example.ir/' ]

 CSRF_TRUSTED_ORIGINS = [ 'https://ov.example.ir/' ,
 'http://ov.example.ir/']

 tnx

-- 
Ticket URL: <https://code.djangoproject.com/ticket/34498>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/0107018785a1df4f-11c56ad1-d3ca-4bc2-9d61-9451ef138f7c-000000%40eu-central-1.amazonses.com.

Reply via email to