CSRF Django 1.8 referent checker error

Question

CSRF Django 1.8 referent checker error

I searched about this, but could not find a suitable solution.

I have a site www.example.com and subdomains a.example.com and b.example.com. When I try to send a request from a.example.com to b.example.com, I get a Referer check error.

I have the following settings on a.example.com and b.example.com sites:

CSRF_COOKIE_DOMAIN = ".example.com"

But I can not use CSRF_COOKIE_DOMAIN .

+5

csrf django-1.8

Waqas javed Jul 08 '15 at 12:27

source share

1 answer

Pankrat · Answer 1 · 2016-07-05T16:08:25+0000

Django 1.8 has strict link checking for HTTPS. You cannot send messages from a.example.com to b.example.com with CSRF protection included in Django 1.8.

With Django 1.9, they have added a trusted start to CSRF .

CSRF Django 1.8 referent checker error

More articles: