[Django]-Django: "Forbidden (403) CSRF verification failed. Request aborted." in Docker Production

0👍

Check if your error message includes a line like :

  Origin checking failed - http://my.web.site.com does not match any trusted origins.

If that’s the case, your problem is probably that your django code running inside Docker sees a request as coming from a different site (the one outside Docker) and complains about it.

Proper solution is to trust your site. Add a line like this one to your settings.py :

CSRF_TRUSTED_ORIGINS = [
    'http://my.web.site.com',
]

See Django documentation for more details: Cross Site Request Forgery protection

-1👍

Try the answer from this question:

You need to add {% csrf_token %} in your form

https://docs.djangoproject.com/en/1.4/ref/contrib/csrf/

like that :

<form>
    {% csrf_token %}
    <anything_else>
</form>

Also, you have to use RequestContext(request) everytime you use render_to_response :

return render_to_response("login.html",
    {"registration_id":registration_id},
    context_instance=RequestContext(request))

And you have to import authenticate and login :

from django.contrib.auth import authenticate, login

Leave a comment