如何禁用xsrfprotection# streamlit

我有一个setup.sh文件:

mkdir -p ~/.streamlit/
echo "
[server]n
port=$PORTn
enableCORS=falsen
headless=truen
n
" > ~/.streamlit/config.toml

当我在Heroku上部署我的应用程序时:它给出了应用程序错误H14，而在我的日志中，我可以看到一个小的覆盖完成:

2022-06-28T13:59:07.660953+00:00 heroku[wev.1]: Restarting
2022-06-28T13:59:07.663151+00:00 heroku[wev.1]: State changed from up to starting
2022-06-28T13:59:08.426158+00:00 heroku[wev.1]: Stopping all processes with SIGTERM
2022-06-28T13:59:08.470430+00:00 app[wev.1]:   Stopping...
2022-06-28T13:59:08.740844+00:00 heroku[wev.1]: Process exited with status 0
2022-06-28T13:59:17.236832+00:00 heroku[wev.1]: Starting process with command `sh setup.sh && streamlit run app.py`
2022-06-28T13:59:17.842753+00:00 heroku[wev.1]: State changed from starting to up
2022-06-28T13:59:19.208294+00:00 app[wev.1]: 2022-06-28 13:59:19.208 
2022-06-28T13:59:19.208305+00:00 app[wev.1]: Warning: the config option 'server.enableCORS=false' is not compatible with 'server.enableXsrfProtection=true'.
2022-06-28T13:59:19.208305+00:00 app[wev.1]: As a result, 'server.enableCORS' is being overridden to 'true'.
2022-06-28T13:59:19.208306+00:00 app[wev.1]: 
2022-06-28T13:59:19.208306+00:00 app[wev.1]: More information:
2022-06-28T13:59:19.208307+00:00 app[wev.1]: In order to protect against CSRF attacks, we send a cookie with each request.
2022-06-28T13:59:19.208308+00:00 app[wev.1]: To do so, we must specify allowable origins, which places a restriction on
2022-06-28T13:59:19.208308+00:00 app[wev.1]: cross-origin resource sharing.
2022-06-28T13:59:19.208308+00:00 app[wev.1]: 
2022-06-28T13:59:19.208309+00:00 app[wev.1]: If cross origin resource sharing is required, please disable server.enableXsrfProtection.
2022-06-28T13:59:19.208309+00:00 app[wev.1]:             
2022-06-28T13:59:19.414636+00:00 app[wev.1]: 
2022-06-28T13:59:19.414646+00:00 app[wev.1]:   You can now view your Streamlit app in your browser.
2022-06-28T13:59:19.414656+00:00 app[wev.1]: 
2022-06-28T13:59:19.414692+00:00 app[wev.1]:   Network URL: http://172.19.20.38:24743
2022-06-28T13:59:19.414722+00:00 app[wev.1]:   External URL: http://3.235.143.6:24743
2022-06-28T13:59:19.414734+00:00 app[wev.1]:

在运行时，它是覆盖我的enableCORS=false为真，我认为这是导致我的应用程序错误。

我以前发布过与"应用程序错误"有关的疑问。: Heroku app应用程序错误，即使成功部署消息
请检查setup.sh和Procfile详细信息。

如何禁用XsrfProtection??

/错误,server.enableCORS=false被覆盖,因为server.enableXsrfProtectiontrue。解决方案是设置server.enableXsrfProtection=false:

mkdir -p ~/.streamlit/
echo "
[server]
port=$PORT
enableXsrfProtection=false
enableCORS=false
headless=true
" > ~/.streamlit/config.toml

我也有义务说明这个设置是为了防止什么，但假设您熟悉关闭它的风险。

相关内容

最新更新

热门标签：