Event submission rejected by CSRF

eirik.tenold · July 21, 2020, 5:36am

Hi.

I’m running Sentry On-Premise 20.7.1 on Google Cloud Kubernetes. I can access the UI and everything seems OK, except for when I send a error via the Go Client, then the request is rejected by the web module:

05:22:56 [WARNING] django.security.csrf: Forbidden (Referer checking failed - no Referer.): /api/3/store/ (status_code=403 request=<WSGIRequest: POST u’/api/3/store/'>

My install started as a fresh 20.7.0 install and I sent a couple of test events, so I know that parts has worked. I upgraded to 20.7.1 and then I started to notice these issues.

The Google Cloud Load Balancer is taking care of TLS termination.

Any suggestions on what might be the issue?

BYK · July 21, 2020, 12:17pm

Since 20.7.0, we require Relay to be running as it is now the only point for ingesting events. You’d need to add this to your mix. See our nginx file for a sample configuration:

github.com

getsentry/onpremise/blob/4dbfcbcebe9d7ea54bd009bb85a331dc6ef51295/nginx/nginx.conf#L60-L72


	server {
		listen 80;

		location /api/store/ {
			proxy_pass http://relay;
		}
		location ~ ^/api/[1-9]\d*/ {
			proxy_pass http://relay;
		}
		location / {
			proxy_pass http://sentry;
		}
	}

eirik.tenold · July 22, 2020, 5:00am

Got it working with Relay! Thanks for pointing that out!

Topic		Replies	Views
Events get forbidden status on Kubernetes On-Premise	8	2311	January 6, 2021
CSRF Token issue On-Premise	2	7340	May 1, 2020
Referrer error on 9.1.2 On-Premise	2	2634	October 23, 2020
Issue with CSRF token after sentry upgrade On-Premise	4	9188	October 8, 2020
CSRF Verification Failed since Sentry upgrade	6	6841	July 30, 2020

Event submission rejected by CSRF

Related topics