Hi,
I keep moving testing juniper.master, i just do a new fresh install, and once finished, i try to login, but i have this error:
Sep 2 09:33:45 lms [service_variant=lms][django.security.csrf][env:sandbox] WARNING [lms 2020] [user None] [log.py:228] - Forbidden (CSRF cookie not set.): /change_enrollment
Sep 2 09:41:35 lms [service_variant=lms][django.security.csrf][env:sandbox] WARNING [lms 1890] [user None] [log.py:228] - Forbidden (CSRF cookie not set.): /user_api/v1/account/login_session/
Cookies are enabled on my browser, i try to login on EDGE, OPERA, MOZILLA and CHROME, same error:
Forbidden (403) : CSRF verification failed. Request aborted.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.
If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests.
How can i fix it?
Thanks again for your help
Just clear my browser cache and datas, and now i can login well.
Don’t know if it is the good solution for that…
mahyard
(Mahyar Damavand)
September 2, 2020, 2:30pm
3
Perhaps there was a conflict with other Open edX instances or edx.org website.
Don’t you think so?
1 Like
sbernesto
(Ernesto Sanchez Benitez)
September 2, 2020, 10:37pm
4
Hi,
You try change the variable DCS_SESSION_COOKIE_SAMESITE = ‘None’ to Lax,
from edx-platform/lms/envs/common.py and restart
2 Likes
I do not understand, here is what i have in my file /edx/app/edxapp/edx-platform/lms/envs/common.py
# django-session-cookie middleware
DCS_SESSION_COOKIE_SAMESITE = 'None'
DCS_SESSION_COOKIE_SAMESITE_FORCE_ALL = True
What should i change here to make this error gone?
morenol
(Luis Moreno)
September 3, 2020, 3:06pm
6
Hi @Herve_siyou ,
As @sbernesto said, you can change the line with DCS_SESSION_COOKIE_SAMESITE to
DCS_SESSION_COOKIE_SAMESITE = 'lax'
But I think that even better you could add a line in /edx/etc/lms.yml with:
DCS_SESSION_COOKIE_SAMESITE: lax
2 Likes
sbernesto
(Ernesto Sanchez Benitez)
September 3, 2020, 3:37pm
8
hi,
I’m going to try it, thanks
misilot
(Tom Misilo)
September 3, 2020, 6:00pm
9
Is your site running via HTTPS or are you just running HTTP right now?
If so, setting DCS_SESSION_COOKIE_SAMESITE = 'lax'
may not be compatible with HTTPS
Alecar
(Alejandro Cardenas)
September 3, 2020, 6:27pm
10
Hi,
If you are using HTTPS maybe You can set these variables:
EDXAPP_CSRF_COOKIE_SECURE: true
EDXAPP_SESSION_COOKIE_SECURE: true
That working for me.
3 Likes
Running HTTPS, and it works with DCS_SESSION_COOKIE_SAMESITE = ‘lax’
Need help here please, can not login to CMS, just look here: Configuration change from Ironwood to Juniper?
Thanks for your help bro