Forbidden (403) CSRF verification failed - Error with Docker, Django and Nginx

I am new to docker. Starting from a Django project (Django 4.0), I am using Docker to side by side with Nginx. I used a docker-compose.yml file and used a custom configuration of Nginx, and everything works. Only when I go to the login screen and click the "Login" button it comes up "Forbidden (403) CSRF verification failed. Request aborted.". The code inside login.html is like this

<form method="post">{% csrf_token %}
  {{ form|crispy }}
  <button class="btn btn-success ml-2" type="submit">Log In</button>

Thanks in advance!

I would recommend you to read through all of these settings starting with "CSRF_" here

As you did not provide your settings.py I can only guess that the problem lays in there. Your form template is fine.

Probably my link leads you already to the correct setting, called CSRF_TRUSTED_ORIGINS where you basically input all your domains that you want to trust as a list. (Trust meaning which domain is allowed to send a post request)

settings.py:

CSRF_TRUSTED_ORIGINS = [
    'https://trusted.domain.one.com',
    'https://trusted.domain.two.com'
]

If this does not work try also to add the 'http://trusted.domain.one.com' without the S in httpS.

Back to Top