Django will reject the CSRF token if the site in forbidden. This message will be displayed even if {% csrf_token %} if maintained in the forms
The solution is to maintain the domain as CSRF trusted origins in settings.py
CSRF_TRUSTED_ORIGINS = [
"https://erprealm.com",
"https://your-other-domain.com",
]
Leave a Reply