Thoughts about CSRF checking by host apps - in my case bittorrent #504
dmshimself
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I've found getting started with a locally hosted docker of cosmos server very easy to do and I'm using self generated certificates at this stage. When I add in a server app and URL for a qbittorrent docker, I get an authentication error when I access it, but weirdly if I select the entry in the address bar, move to the end and hit return again all is well.
If I turn off CSRF detection on the qbittorrent webui settings, the problem disappears.
Authentication in qbittorrent is set to be bypassed for localhost and my local network. Enable host header validation is off. I've tried setting reverse proxy support to be on a given the ip address of cosmos server, but no joy.
I wonder if anyone else had come across this type of behaviour and found a workaround or configuration I have missed or might try on either the cosmos server or qbittorrent?
Beta Was this translation helpful? Give feedback.
All reactions