After submitting a Flask-WTF form, I see the errors "Session token is missing" or "The CSRF tokens do not match". The errors only occur when running on Docker with Docker-compose i.e. there is no CSRF error when I'm running the Flask app normally. I'm using Flask-WTF 0.14.2, Docker 17.03.1-ce, Docker-compose 1.13.0-rc1
1
votes
1 Answers
2
votes
Chances are this is because you're using Docker Machine, and your SERVER_NAME is set to 192.168.99.100 (or whatever your default Docker Machine IP is).
I've noticed that most webkit based browsers don't set cookies for IP based domains, but they allow localhost.
One option you could do is:
Edit your
/etc/hostsfile by adding:192.168.99.100 local.docker(replacing that IP with your Docker Machine IP address if it's different).Change your
SERVER_NAMEto uselocal.docker.
If you want to see a full write up about this, I blogged about it a while back at https://nickjanetakis.com/blog/fix-missing-csrf-token-issues-with-flask.
