How to fix Docker Seafile Forbidden - CSRF verification failed

Problem

While starting your dockerized Seafile instance, you might see the following error message directly after login:

Forbidden (403)
CSRF verification failed. Request aborted.

More information is available with DEBUG=True.

Seafile Docker Forbidden

Solution

This error occurs due to an issue in the configuration while which is produced by the Docker script:

CSRF_TRUSTED_ORIGINS = ['http://https://seafile.mydomain.com']

In order to fix it, remove the double protocol (http://https://) from the CSRF_TRUSTED_ORIGINS variable in the seahub_settings.py file, located in seafile_data/seafile/conf/seahub_settings.py (seafile_data is mounted to /shared in the seahub container).

You can also use this script:

sed -i -e 's#http://https://#https://#g' seafile_data/seafile/conf/seahub_settings.py
sed -i -e 's#https://https://#https://#g' seafile_data/seafile/conf/seahub_settings.py

Result:

CSRF_TRUSTED_ORIGINS = ['https://seafile.mydomain.com']

After that, restart the Seafile instance, e.g. using

docker-compose restart

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow

Buy me a coffee