From: Shakir Idrisi
Date: Tue, 5 Aug 2025 10:23:28 +0530
Subject: Re: Issue with pgAdmin 4 Login Behind NGINX Reverse Proxy at /pgadmin4 Path
To: Yogesh Mahajan
Cc: "pgadmin-support lists.postgresql.org"

Hi,

Yes, I have tried the conf which you have provided.
I mentioned in my last reply that it is not working.
Still getting a blank page after login on HTTPS.

On Tue, Aug 5, 2025, 9:53 AM Yogesh Mahajan wrote:

> Hi,
>
> I have already provided the nginx configuration. Have you tried it? The issue
> is clearly with the Nginx config.
>
> Thanks,
> Yogesh Mahajan
> EnterpriseDB
>
>
> On Mon, Aug 4, 2025 at 4:34 PM Shakir Idrisi wrote:
>
>> Hi,
>> I’ve tried the suggested changes, but I’m still encountering the same
>> issue — a blank page appears after logging in over HTTPS.
>>
>> As a workaround, I modified the config_local.py file and set:
>> *WTF_CSRF_CHECK_DEFAULT = False*
>>
>> With this change, pgAdmin works correctly on HTTPS. However, I understand
>> that disabling CSRF protection is not recommended in a production
>> environment, so I’m looking for a more secure solution.
>>
>> Here’s a snippet of my current *config_local.py* for reference:
>>
>> DATA_DIR = '/var/lib/pgadmin4'
>> SQLITE_PATH = '/var/lib/pgadmin4/pgadmin4.db'
>> SESSION_DB_PATH = '/var/lib/pgadmin4/sessions'
>> STORAGE_DIR = '/var/lib/pgadmin4/storage'
>> AZURE_CREDENTIAL_CACHE_DIR = '/var/lib/pgadmin4/azurecredentialcache'
>> KERBEROS_CCACHE_DIR = '/var/lib/pgadmin4/kerberoscache'
>>
>> SCRIPT_NAME = '/pgadmin4'
>>
>> LOG_LEVEL = 'DEBUG'
>> CONSOLE_LOG_LEVEL = 50  # INFO = 20, WARNING = 30, ERROR = 40, CRITICAL = 50
>> FILE_LOG_LEVEL = 20
>> LOG_FILE = '/var/lib/pgadmin4/log/pgadmin4.log'
>>
>> Could you please help me identify the correct settings to securely enable
>> CSRF protection while ensuring pgAdmin functions properly over both HTTP
>> and HTTPS under /pgadmin4?