Invalid CSRF Token (docker kubernetes, no Nginx)
I'm running nodebb 1.0.0 forum on docker/kubernetes stack and it works until I try to login. When I try to login I'm getting "invalid csrf token" in logs and forbidden in the browser. On the nodebb's forum it's written https://community.nodebb.org/topic/9222/invalid-csrf-token/6 to add "proxy_set_header X-Forwarded-Proto $scheme; to your Nginx configuration" but I have no Nginx. I'd like to know is there a place in configuration of nodebb to add this to?
Locally when I was running this through docker on ubuntu with all the same ports exposed on localhost like localhost:4567 it worked fine. But now inside docker it's still localhost:4567 but the external dns for it is like http://kubernetes-hack-qwe.zasdfg.int:31955/ requests for this dns and port goes to my kubernetes service with port 31955, and this port then sends this to docker with port 4567. I have no nginx involved anywhere. How can I make login work in my case?
phit last edited by phit
edit config.json and set the url parameter to "http://kubernetes-hack-qwe.zasdfg.int:31955"
urlproperty in config.json should not have a traling
@baris Also for the POST request during login I don't see any tokens:
Status Code:403 Forbidden
Date:Thu, 05 Jan 2017 15:43:23 GMT
User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
and this port then sends this to docker with port 4567. I have no nginx involved anywhere. How can I make login work in my case?
I'm not familiar with Docker, but something is acting as reverse proxy. You'll have to figure out what it is, and add that header in appropriately.