CSRF Verification Failed - CSRF_TRUSTED_ORIGINS doesn't work

Hi There,

I had Seafile v10 installed on a previous machine, but I’m moving to a new machine. I installed the latest version of Seafile which is now v11, and I got the CSRF verification failed error.

I tried logging into the bash shell of the docker with sudo docker exec -t -i seafile /bin/bash, then editing the /opt/seafile/conf/seahub_settings.py file and adding:

CSRF_TRUSTED_ORIGINS = ["https://files.<domain>.com"]

I then ran

docker compose up -d

(Without the hyphen, only works that way for me?) but the issue has not been resolved.

For some information:

  • I’m running Raspberry Pi OS which seems to be Debian 12 Bookworm.
  • I’m running Seafile on a random high port.
  • I’m not running HTTPS mode.
  • Instead, I’m using a seperate nginx installation outside of the docker container as a reverse proxy for HTTPS access.

For my external nginx installation, I’ve tried:

  • adding proxy_set_header Host $http_host:<random_high_port>; in the location / { } block.
  • I’ve tried $http instead of $http_host.

Nothing seems to work. In fact, now I am unable to log in at all. Providing the correct email and password says that the login details are incorrect.

Is there any way to resolve this issue without downgrading to v10?

I had a similar problem