Quantcast
Channel: Active questions tagged svelte - Stack Overflow
Viewing all articles
Browse latest Browse all 1541

403 error with SvelteKit form submissions behind ALB with TLS termination

$
0
0

I'm encountering an issue with form submissions in my SvelteKit application hosted behind an Application Load Balancer (ALB) in AWS with TLS termination. When submitting a form via HTTPS, the request fails with a "Cross-site POST form submissions are forbidden" 403 error.

However, form submissions work fine over HTTP or if I disable CSRF checks by setting csrf: { checkOrigin: false } in the SvelteKit config.

I've tried setting the ORIGIN environment variable to http://www.example.com during build time, but the issue persists. How can I resolve this problem and allow form submissions over HTTPS without disabling CSRF checks?

Im using @sveltejs/adapter-node for the adapter

Thank you!


Viewing all articles
Browse latest Browse all 1541

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>