可能是跨域的问题
本地的ip地址登录使用都没有问题，

我用反向代理建立一个外网访问的https的路径，登录页可以打开，但是账号密码提交后报错：

Forbidden (403)

CSRF verification failed. Request aborted.

Help

Reason given for failure:

Referer checking failed - does not match any trusted origins.

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django’s CSRF mechanism has not been used correctly. For POST forms, you need to ensure:

• Your browser is accepting cookies.
• The view function passes a request to the template’s [render] method.
• In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
• If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
• The form has a valid CSRF token. After logging in in another browser tab or hitting the back button after a login, you may need to reload the page with the form, because the token is rotated after a login.

You’re seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.

You can customize this page using the CSRF_FAILURE_VIEW setting.

同遇，求解决办法。

是不是反代之后，使用了特殊的端口？

如果使用了非标准端口，则编辑dtable-wwb-setrings.py ,添加以下选项。
CORS_ALLOW_ORIGINS =(“domain:port”)，重新启动即可。

按照你的办法还是不行， 添加 CORS_ALLOW_ORIGINS =(“http://xxxx.xx,xx:xx”) 出现 502 Bad Gateway nginx/1.24.0

CORS_ALLOW_ORIGINS =[“http://xxxx.xx:xxxx”]

你好，我是反代使用了8088端口，请问出现这个报错需要怎么解决呢