我正在为一个侧面项目膳食计划工具组装一个PoC。我正在使用运行在AWS上的django和nginx以及uwsgi。该站点正在运行并加载页面,但没有将CSRF cookie传递给浏览器。
CSRF和Messages中间件都启用了,django调试输出列出了'CSRF_COOKIE'的值,我的浏览器启用了cookie,所以我怀疑Django正在尝试设置一个被nginx剥离的cookie或uwsgi。
以下配置信息:
uwsgi.ini
[uwsgi]
chdir=/opt/django/mealplanner/src/mealplanner/
module=mealplanner.wsgi:application
master=True
autoload=True
pidfile=/opt/run/mealplanner.pid
vacuum=True
max-requests=5000
socket=/opt/run/mealplanner.sock
chmod-socket=True
harakiri=120
processes=1
home=/opt/django/mealplanner/src
daemonize=/opt/log/uwsgi/mealplanner.log
nginx.conf
user www-data;
worker_processes 1;
pid /opt/run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /opt/log/nginx/access.log;
error_log /opt/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
gzip_proxied any;
gzip_comp_level 2;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml \
application/xml+rss text/javascript;
server {
listen 80;
# I've also tried the dns name I access the site with as the server name.
server_name ec2-xx-xx-xx-xx.us-west-2.compute.amazonaws.com xx.xx.xx.xx;
client_max_body_size 50M;
set $home /opt/django/mealplanner;
root $home;
location / {
include uwsgi_params;
uwsgi_pass unix://opt/run/mealplanner.sock;
root $home;
}
}
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
答案 0 :(得分:3)
看起来问题可能是nginx.conf中的server_name。它突然开始工作了,我唯一改变的就是让server_name与网站的域名相匹配。另一方面,更改它似乎没有重新引入问题,所以要么我没有正确地重新启动nginx或者毕竟不是问题。
该网站现在正在运作,但这是我对原因和解决方案没有令人满意的理解的情况之一,所以如果有人能够证实这个假设或指出别的东西我欢迎输入。< / p>