My site works fine locally, but on the staging server, I get the following error:
"Referer checking failed - Referer is insecure while host is secure."
Settings files are identical in both environments. Possibly should not be, but I'm not sure what needs to be tweaked.
The only other question I can find about this issue is CSRF verification Failed - Referer is insecure while host is secure, but that seems to have the opposite problem (works on production, but not locally).
I've looked at https://github.com/django/django/blob/master/django/middleware/csrf.py, but it's not immediately helpful to me.
This is where I make the POST request:
$(function() {
$(".submit-signin").on("click", function() {
var data = $("#signin-form").serialize();
$.post("/signin/", data, function(response) {
});
});
});
data contains the csrf token:
<form id="signin-form">
<input type="hidden" name="csrfmiddlewaretoken" value="{{ csrf_token }}"/>
{% include "signin_form.html" %}
<button type="button" class="small-button submit-signin">Sign in</button>
</form>
I don't know if the staging server is using HTTPS. How can I find this out?
