CSRF Token issue

NekaKawaii · April 28, 2020, 11:31am

Hello there!
I have on-premise sentry instation. Today I’ve updated it from 10.0.0dev0 to 10.1.0dev0, and then sentry stops authenticating me giving CSRF verification failed. Web logs shows

11:25:35 [WARNING] django.security.csrf: Forbidden (Referer checking failed
- https://sentry.domain/auth/login/sentry/ does not match any trusted origins.): /auth/login/s
entry/ (status_code=403 request=<WSGIRequest: POST u'/auth/login/sentry/'>)

I’ve tried set system.url-prefix to https://sentry.domain, also system.internal-url-prefix to the same value, have tried turning on all combination of SSL related configs in sentry.config.py. I asked admin to throw away his config and replace it with one from docs (for SSL nginx proxy), also I dropped out installation entirely and installed from scratch. But problem remains. What i need to check also?

Thank you

BYK · May 1, 2020, 12:54pm

Are you using the on-premise repository?

The repo now includes its own nginx, which may be the issue here.

BYK · May 1, 2020, 1:27pm

Seems like this is the issue:

Will submit a fix soon, sorry for the issues.

Topic		Replies	Views
Sentry 9.1.0 does not work with sentry springboot starter On-Premise	4	1777	February 1, 2021
Unable to login On-Premise	0	934	June 18, 2019
Github returns 404 on SSO setup On-Premise	8	2204	October 21, 2020
Web UI - unauthorized access On-Premise	2	1061	April 2, 2019
Sentry-cli v1.49.0 login failure for on-premise upon unrecognization of token option On-Premise	2	1766	January 7, 2020

CSRF Token issue

Related Topics