Hi all, I am getting a lot of *Bad request. The CSRF tokens do not match.* with the following setup on Ubuntu 20.04... apache 2.4.41-4ubuntu3 python 3.8.2 ... and took the following steps...
1. Used venv to create the virtual environment 2. Installed pgadmin4.23 via pip inside the venv 3. Made /data/pgadmin4, /data/.env/pgadmin and /var/log/pgadmin/pgadmin.log owned by pgadmin:pgadmin 4. Placed my old config_local.py in the new venv. 5. Ran the setup.py within the venv My normal website is running and apache is redirecting all http traffic to https automatically and use letsencrypt I can log into pgadmin if I reload the page or double click on links within the app after a lot of reloading and double clicking links I can send sql commands to postgresql and receive answers I guess there is something not working with how the Flask CSRF cookie structure works in combination with my configuration but am clueless at the moment. I tried adding COOKIE configs inside config_local.py but with the same result. Even disabled the firefox config setting Upgrade-Insecure-Requests but no change. I tested in Firefox 78.0.1 (64-bit) and Chromium Version 83.0.4103.116 (Official Build) snap (64-bit) and both give this error. Can pgAdmin4 run in a python 3.8 already? regards, Bastiaan Apache error: ERROR\tflask.app:\t400 Bad Request: The CSRF tokens do not match. Traceback (most recent call last): File "/data/.envs/pgadmin/lib/python3.8/site-packages/flask_wtf/csrf.py", line 256, in protect validate_csrf(self._get_csrf_token()) File "/data/.envs/pgadmin/lib/python3.8/site-packages/flask_wtf/csrf.py", line 106, in validate_csrf raise ValidationError('The CSRF tokens do not match.') wtforms.validators.ValidationError: The CSRF tokens do not match. During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/data/.envs/pgadmin/lib/python3.8/site-packages/flask/app.py", line 1811, in full_dispatch_request rv = self.preprocess_request() File "/data/.envs/pgadmin/lib/python3.8/site-packages/flask/app.py", line 2087, in preprocess_request rv = func() File "/data/.envs/pgadmin/lib/python3.8/site-packages/flask_wtf/csrf.py", line 224, in csrf_protect self.protect() File "/data/.envs/pgadmin/lib/python3.8/site-packages/flask_wtf/csrf.py", line 259, in protect self._error_response(e.args[0]) File "/data/.envs/pgadmin/lib/python3.8/site-packages/flask_wtf/csrf.py", line 302, in _error_response raise CSRFError(reason) flask_wtf.csrf.CSRFError: 400 Bad Request: The CSRF tokens do not match. <MiddleMouse> config_local.py LOG_FILE = '/var/log/pgadmin/pgadmin.log' SQLITE_PATH = '/data/pgadmin4/pgadmin4.db' SESSION_DB_PATH = '/data/pgadmin4/sessions' STORAGE_DIR = '/data/pgadmin4/storage' SERVER_MODE = True ENHANCED_COOKIE_PROTECTION = False SESSION_COOKIE_SECURE = True SESSION_COOKIE_HTTPONLY = True REMEMBER_COOKIE_SECURE = True REMEMBER_COOKIE_HTTPONLY = True apache virtual env config: <VirtualHost*:80> ServerName www.[DOMAINNAME] ServerAlias *.[DOMAINNAME] #DocumentRoot /var/www/[DOMAINNAME]/htdocs <Directory "/var/www/[DOMAINNAME]/htdocs"> OptionsIndexes FollowSymLinks AllowOverride All Require all granted </Directory> ErrorLog /var/log/apache2/error.[DOMAINNAME].log Redirectpermanent / https://www.[DOMAINNAME]/ RewriteEngine On RewriteCond %{HTTPS} off RewriteRule^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] </VirtualHost> <VirtualHost*:443> #Let'sencrypt SSLCertificateFile /etc/letsencrypt/live/www.[DOMAINNAME]/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/www.[DOMAINNAME]/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf ServerName www.[DOMAINNAME] DocumentRoot /var/www/[DOMAINNAME]/htdocs ErrorLog /var/log/apache2/error.[DOMAINNAME].log #Normalwebsite <Directory "/var/www/[DOMAINNAME]/htdocs"> OptionsIndexes FollowSymLinks AllowOverride All Require all granted </Directory> #www.[DOMAINNAME]/db = pgadmin4 application WSGIDaemonProcesspgadmin user=pgadmin group=pgadmin processes=2 threads=5 python-home=/data/.envs/pgadmin WSGIScriptAlias/db /data/.envs/pgadmin/lib/python3.8/site-packages/pgadmin4/pgAdmin4.wsgi <Directory /data/.envs/pgadmin/lib/python3.8/site-packages/pgadmin4> WSGIProcessGrouppgadmin WSGIApplicationGroup%{GLOBAL} Require all granted </Directory> </VirtualHost>