#Csrf_token does not work

Hi is my project . An error occurs when starting on the server, because of csrf request on forms , method is POST . Although csrf_token is present in html.
How to fix it?

Can you please clarify what you mean by "when starting on the server" ?
Are you testing via runserver with DEBUG=True ?
Also can you please post show the template code that has the form ?

server : ip adres and domen for Website === Server Terminal
i dont know to DEBUG=True

                <div class="modal fade " id="exampleModal" tabindex="-1" aria-labelledby="exampleModalLabel" aria-hidden="true">
                    <div class="modal-dialog">
                        <div class="modal-content   mb-2 ">
                            <div class="modal-header">
                                <h5 class="modal-title ml-4" id="exampleModalLabel">Задать вопрос</h5>
                            </div>
                            <div class="modal-body">
                                <form  method="post">
                                    <div class="madara" >

                                        {% csrf_token %}
                                        {{ form.as_p }}
                                        <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Закрыть</button>
                                        <input type="submit" class="btn btn-dark ">
                                    </div>

                                </form>

                            </div>

                        </div>
                    </div>
                </div>

Shortened

If you are submitting it with JS\AJAX make sure you are encoding it correctly

sorry and my form

<form  method="post">
    <div class="madara" >
       {% csrf_token %}
       {{ form.as_p }}
       <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Закрыть</button>
       <input type="submit" class="btn btn-dark "></div>
</form>

And I`m so-so speak en , i dont know to JS/AJAX

For setting DEBUG=TRUE go to settings.py and find DEBUG and then set it to TRUE and try to submit the form to get exception trace

I Found and DEBUG=TRUE It's already worth it

Then you should see full error traceback in your console. Paste it here please

It will be in five minutes

Ошибка доступа (403)
Ошибка проверки CSRF. Запрос отклонён.

Help
Reason given for failure:

Origin checking failed - https://portalofmagic.ru does not match any trusted origins.

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django’s CSRF mechanism has not been used correctly. For POST forms, you need to ensure:

Your browser is accepting cookies.
The view function passes a request to the template’s render method.
In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
The form has a valid CSRF token. After logging in in another browser tab or hitting the back button after a login, you may need to reload the page with the form, because the token is rotated after a login.
You’re seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.

You can customize this page using the CSRF_FAILURE_VIEW setting

It is?

Try setting this: https://docs.djangoproject.com/en/5.0/ref/settings/#csrf-trusted-origins

Okay

CSRF_TRUSTED_ORIGINS = ['https://portalofmagic.ru/']

it is?

?

Yes please try with it

Ошибка доступа (403)
Ошибка проверки CSRF. Запрос отклонён.

Help
Reason given for failure:

Origin checking failed - https://portalofmagic.ru does not match any trusted origins.

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django’s CSRF mechanism has not been used correctly. For POST forms, you need to ensure:

Your browser is accepting cookies.
The view function passes a request to the template’s render method.
In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
The form has a valid CSRF token. After logging in in another browser tab or hitting the back button after a login, you may need to reload the page with the form, because the token is rotated after a login.
You’re seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.

You can customize this page using the CSRF_FAILURE_VIEW setting.

is not working

go to voice A ?

I wrote a bit about this. I suspect it's your trailing slash https://www.better-simple.com/django/2023/11/04/debugging-csrf-error-in-production/

Okay. I'll write you how to fix it

Its work

thanks

and help me related with openai requests .For some reason, 77 requests are executed per minute and a token error occurs

And how to the error fix

?

If this matter is closed, it's preferable that you open a new topic with the relevant information [stack trace, code, etc..]