Issue with CSRF token after sentry upgrade

Recently we have upgraded sentry to 20.10.0 and sentry date sent by SDK is being rejected at server due to CSRF issue.

web_1                          | 14:04:44 [WARNING] django.security.csrf: Forbidden (CSRF cookie not set.): /api/7/store/ (status_code=403 request=<WSGIRequest: POST u'/api/7/store/'>)
web_1                          | 14:04:44 [WARNING] django.security.csrf: Forbidden (CSRF cookie not set.): /api/7/store/ (status_code=403 request=<WSGIRequest: POST u'/api/7/store/'>)

We have installed setnry on EC2 machine directly and have changed system.url-prefix to sentry.foo.com. Apart from that no other changes are applied.

Any pointers on how to troubleshoot this issue will be helpful.

Looks like you are missing Relay and Nginx. If you search the forum for CSRF you’ll find many answers.

Thanks for the prompt reply. @BYK

I tried few of your answers and some solutions on github issues. Most of them are stale issues and are already fixed in the latest master which we are using.

Not sure how to proceed from here.

If you are using the latest master, this request should never be hitting sentry web: /api/7/store/

It should be directed to Relay through Nginx. I’d make sure your config files have all the updates from our .example files. Sharing any customizations you have made would also be useful for debugging.

Looks like there was a cache somewhere due to which Sentry was still using old configurations. We have set up sentry on a new instance and it is working fine now.

Thanks for the useful pointers. @BYK