marcel/linkding
1
0
Fork 0
mirror of https://github.com/sissbruecker/linkding.git synced 2025-08-07 10:58:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add setting and documentation for fixing CSRF errors (#349)

Browse Source 
* Add documentation and setting for solving CSRF errors

* Improve proxy setup docs

* Link to reverse proxy documentation

* Fix link
This commit is contained in:
Sascha Ißbrücker
2022-10-05 10:01:44 +02:00
committed by GitHub
parent 53be77aade
commit 1c3651e91d
6 changed files with 103 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/troubleshooting.md
View File

@@ -1,5 +1,13 @@
# Troubleshooting
## Login fails with `403 CSRF verfication failed`
This can be the case when using a reverse proxy that rewrites the `Host` header, such as Nginx.
Since linkding version 1.15, the application includes a CSRF check that verifies that the `Origin` request header matches the `Host` header.
If the `Host` header is modified by the reverse proxy then this check fails.
To fix this, check the [reverse proxy setup documentation](../README.md#reverse-proxy-setup) on how to configure header forwarding for your proxy server, or alternatively configure the [`LD_CSRF_TRUSTED_ORIGINS` option](Options.md#LD_CSRF_TRUSTED_ORIGINS) to the URL from which you are accessing your linkding instance.
## Import fails with `502 Bad Gateway`
The default timeout for requests is 60 seconds, after which the application server will cancel the request and return the above error.