Hello,
Thank you @sam, the reverse proxy change you suggested worked. I don’t know why my test without it did not reveal it was a proxy problem, or what caused it to appear, but the change worked !
Regards,
Stephane
When we have reinstalled discourse it worked for two days and now we have same problem. It happens with a proxy and without the proxy. User cannot login/post/like/register or anything.
We have updated and rebuild discourse many times and will not work. pls help
As stated above, it’s almost certainly the wrong proxy header, if you are on HTTPS. You could try turning off HTTPS.
@codinghorror we haven’t HTTPS enabled
same here:
updated discourse+plugins yesterday.
today users reported login to discourse not possible - already logged in sessions are working fine.
showing login error: “unbekannter fehler / unknown error”
browser console: “BAD CSRF” and some javascript
fix:
add this to nginx config:
proxy_set_header X-Forwarded-Proto https;
best regards,
daniel
If you have http and the site setting force_https, expect a bad time
No, we only use https.
it’s all back working again.
For what it’s worth, the recent upgrade broke things for us also, in exactly the same way. We have a strictly https-only set of subdomains, and an apache reverse-proxy.
The configuration directive in apache equivalent to the nginx advice above is:
RequestHeader set X-Forwarded-Proto "https"
Cheers
يحدث لي نفس الأمر بعد تثبيت نظيف واستعادة ناجحة من نسخة احتياطية قديمة - CSRF سيء.
لا أستخدم أي وكلاء. ومع ذلك، أقوم بالوصول إلى الموقع باستخدام إدخال محلي في ملف /etc/hosts الخاص بي.
وهل تختفي المشكلة إذا تم الإشارة إلى الخادم بشكل صحيح ضمن DNS العام؟
لا أعرف - لقد استعدت مؤقتًا نموذجًا قديمًا على خادم VPS لاستخراج بعض المعلومات منه.
إذا كان عدم وجود سجلات DNS عامة هو السبب، فهل توجد أي طريقة بديلة؟