CSRF token missing or incorrect


Mats Brorson

Sep 23, 2020, 5:28:27 AM
to NetBox
We are preparing an upgrade of our 2.8.x installation that we run in docker.

Upgrading to 2.9.3 breaks the API somewhat. Trying to POST to the API gives the following error:

{ "detail": "CSRF Failed: CSRF token missing or incorrect." } 

Google did not turn up any answers..... 

Brian Candler

Sep 23, 2020, 5:56:21 AM
to NetBox
Can you give specifics:
- are you using the netbox-community/netbox-docker image, or something else? 
- what URL are you posting to?
- what's in the POST body?
- are you going via a reverse proxy, if so how is it configured?

Mats Brorson

Sep 23, 2020, 6:24:40 AM
to NetBox
Never mind, I found my own stupidity using a browser-based REST client + LDAP authentication. Always use incognito mode.......

Andrey Ivanov

Feb 12, 2021, 8:50:23 AM
to NetBox
How did you solve the problem?
I am getting a similar error:
{"detail": "CSRF Failed: CSRF token missing or incorrect." }

I am using a reverse proxy on Apache + authorization by REMOTE_USER.

On DEV everything works, on the TEST environment it does not work ((



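import json
import requests

# NOTE: `head` (the request headers dict) is not defined in the posted snippet.

class Person:
    def __init__(self, group, url):
        self.url = url
        self.nbUrlGroup2 = self.url + group
        # print(self.nbUrlGroup2)
        # verify=False disables TLS certificate verification for this request
        self.response = requests.get(self.nbUrlGroup2, headers=head, verify=False)
        # Decode the JSON body of the API response
        self.result = json.loads(self.response.text)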

On Wednesday, September 23, 2020 at 13:24:40 UTC+3, ma...@brorson.se wrote:

Brian Candler

Feb 12, 2021, 10:39:35 AM
to NetBox
Rather than writing a custom HTTP client, you might be better off using pynetbox.  

This is your code, and there are all sorts of questions - e.g. I don't see how you're supplying the API key. Also, NetBox doesn't have a "Person" entity. There is the (internal) "User", and there is "Tenant". You should probably look at tcpdump to see what actual URLs are being sent to NetBox, and then it may be clear why NetBox is responding the way that it is. API requests don't use CSRF tokens.

Finally: if you're doing REMOTE_USER authentication, you'll need to disable this for your API users in the proxy.  This can be done by permitting requests from the API client source IP address(es) to bypass whatever other form of authentication you're using to set REMOTE_USER.
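
The two causes reported in this thread (a browser REST client carrying a logged-in session, and a proxy that sets REMOTE_USER for API calls) can be checked against a captured request, as in this added example, which is not code from any poster here and not NetBox's own code. It is a simplified model that assumes session authentication is tried before token authentication and that the Django default names `sessionid` and `X-CSRFToken` are in use; the sample requests, host name, token value and the `proxy_sets_remote_user` flag are constructed for illustration.

```python
# Added example: simplified model, see the assumptions stated in the lead-in.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS", "TRACE"}  # Django skips CSRF checks for these

def parse_request(raw):
    """Split a captured HTTP/1.1 request into (method, lower-cased header dict)."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = head.strip().split("\n")
    method = lines[0].split()[0].upper()
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, headers

def cookie_names(headers):
    """Names of the cookies the client sent."""
    pairs = headers.get("cookie", "").split(";")
    return {p.split("=", 1)[0].strip() for p in pairs if "=" in p}

def diagnose(raw, proxy_sets_remote_user=False):
    """Predict which authentication path handles the request and whether CSRF applies.

    A sessionid cookie is assumed to belong to a valid, logged-in session.
    """
    method, headers = parse_request(raw)
    session_user = "sessionid" in cookie_names(headers) or proxy_sets_remote_user
    has_token = headers.get("authorization", "").startswith("Token ")
    if session_user:
        # The session path wins even when a token is also sent, and it enforces CSRF.
        if method in SAFE_METHODS:
            return "session: safe method, no CSRF check"
        if "x-csrftoken" not in headers:
            return "session: CSRF Failed expected"
        return "session: CSRF token will be validated"
    return "token: no CSRF check" if has_token else "anonymous: no credentials sent"

BROWSER_POST = (  # constructed sample: browser REST client with a logged-in UI session
    "POST /api/dcim/sites/ HTTP/1.1\r\n"
    "Host: netbox.example.com\r\n"
    "Authorization: Token EXAMPLE-TOKEN\r\n"
    "Cookie: csrftoken=abc; sessionid=xyz\r\n"
    "Content-Type: application/json\r\n\r\n"
    '{"name": "lab", "slug": "lab"}'
)
# Constructed sample: the same request sent by a script with no cookie jar.
SCRIPT_POST = BROWSER_POST.replace("Cookie: csrftoken=abc; sessionid=xyz\r\n", "")
```

Running `diagnose` on the headers seen in a tcpdump capture shows whether the client is being treated as a session user; passing `proxy_sets_remote_user=True` models a proxy that authenticates the API client itself.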