CSRF TOKEN ISSUE 403

[Ahson-Shaikh]

Hi - I'm trying to use your software wger and when my reverse proxy reaches to it, it gives 403 with CSRF token. I have also tried giving it the env for it as I have seen that in many issues in your projects, but still no luck. Have you guys fixed it or still working on it. Let me know the solution please.

Docker Image: wger/demo
Env: CSRF_TRUSTED_ORIGINS=https://$(PRIMARY_DOMAIN)

With another docker image, it works, but it does not load the CSS and other details of the panel.

Docker Image: wger/server:latest
Env: CSRF_TRUSTED_ORIGINS=https://$(PRIMARY_DOMAIN)

[rolandgeider]

Hi! yes, the demo image is just to quickly start it and test the application. If you want to use it, you need to use server. How are you starting it?

[Ahson-Shaikh]

Thanks for the support. I am just running the image @rolandgeider with env CSRF_TRUSTED_ORIGINS=https://$(PRIMARY_DOMAIN) and exposed ports to 80. Can you please guide me on this. The CSS is not loading up as you can see on the above screenshot.

[rolandgeider]

django doesn't serve static files while running on production mode (the demo has apache configured), so you need another process to do this. The docker compose setup has everything configured https://github.com/wger-project/docker