Cross-site POST form submissions are forbidden #838
Assignees
Comments
|
On port 8443 it is https protocol, not http. Can you try again? |
|
|
Hi @shertyben, I have successfully tried the exact same docker-compose.yml as you, so I think that issue is related to your environment. How are you accessing CISO Assistant, from your VM directly ? |
|
Hi @Mohamed-Hacene , |
|
Ok, will try to test it in the same environment as you and let you know how it was |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Open dashboard
Screenshots
Environment (please complete the following information):
Additional context
As per recommandations of this issue #227 (comment), added ORIGIN env variable but keep getting same error.
Below my docker-compose.yml
version: "3.9"
services:
backend:
container_name: backend
image: ghcr.io/intuitem/ciso-assistant-community/backend:latest
restart: always
environment:
- ALLOWED_HOSTS=backend,localhost,localhost
- CISO_ASSISTANT_URL=http://localhost:8443
- DJANGO_DEBUG=True
- AUTH_TOKEN_TTL=7200
volumes:
- ./db:/code/db
frontend:
container_name: frontend
environment:
- PUBLIC_BACKEND_API_URL=http://backend:8000/api
- PUBLIC_BACKEND_API_EXPOSED_URL=http://localhost:8443/api
- PROTOCOL_HEADER=x-forwarded-proto
- HOST_HEADER=x-forwarded-host
- ORIGIN=http://localhost:8443
image: ghcr.io/intuitem/ciso-assistant-community/frontend:latest
depends_on:
- backend
caddy:
container_name: caddy
image: caddy:2.7.6
environment:
- CISO_ASSISTANT_URL=http://localhost:8443
depends_on:
- frontend
restart: unless-stopped
ports:
- 8443:8443
volumes:
- ./caddy_data:/data
command: |
sh -c 'echo $$CISO_ASSISTANT_URL "{
reverse_proxy /api/iam/sso/redirect/ backend:8000
reverse_proxy /api/accounts/saml/0/acs/ backend:8000
reverse_proxy /api/accounts/saml/0/acs/finish/ backend:8000
reverse_proxy /* frontend:3000
}" > Caddyfile && caddy run'
The text was updated successfully, but these errors were encountered: