Skip to content

Commit 7865251

Browse files
stefanfouliscarmstrong
stefanfoulis
authored and
carmstrong
committed
fix(client): add "Referer" header to requests
When running Deis behind an SSL-terminated endpoint, there are issues with Django's CSRF protection. Adding a Referer header is mandatory when using SSL with Django. Reference: https://code.djangoproject.com/ticket/16870 fixes #1002
1 parent 3378532 commit 7865251

1 file changed

Lines changed: 5 additions & 0 deletions

File tree

client/deis.py

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -147,6 +147,11 @@ def request(self, *args, **kwargs):
147147
else:
148148
kwargs['headers'] = {'X-CSRFToken': cookie.value}
149149
break
150+
url = args[1]
151+
if 'headers' in kwargs:
152+
kwargs['headers']['Referer'] = url
153+
else:
154+
kwargs['headers'] = {'Referer': url}
150155
response = super(Session, self).request(*args, **kwargs)
151156
self.cookies.save()
152157
return response

0 commit comments

Comments
 (0)