Score:2

csrf token missing pgadmin via nginx


I am using postgres, pgadmin, nginx docker images, also using gunicorn and launching using docker-compose.

I am able to do the following things successfully:

  1. All services are up and running.
  2. Able to log in to pgadmin (via nginx).
  3. Able to create a server and fire queries on the database.

The issue is: when I click on the logout button, I am able to log out and am redirected to the login page, but on the terminal I am getting an error which is not constant. Sometimes it is

  1. ERROR pgadmin: 400 Bad Request: The CSRF session token is missing.
  2. ERROR pgadmin: The CSRF token do not match.

I tried many solutions found by googling, but none of them worked. I also observed the following things:

  1. I viewed the login page source code; there is a csrf_token with a long string.
  2. In the request header, there is 'X-pgA-CSRFToken' with a long string (both the same).

The pgadmin section of my nginx conf file is as below:

location /pgadmin4 {
    proxy_cookie_flags ~ secure nohttponly samesite=none;
    proxy_pass http://pgadmin:8081;
}

I am unable to figure out what is wrong.
