django.request：Forbidden(Referer check failed – 没有Refere

我正在使用AWS和Django Rest Framework开发Web应用程序.(Django：v1.8,DRF：v3)
我一直在获取 django.request：Forbidden(Referer检查失败 – 没有Referer.)用于POST多部分表单请求.

我正在使用AWS ELB(弹性负载平衡器),NGINX(我的ec2(在autoscailing组中)和Gunicorn.

AWS ELB侦听器设置如下所示(仅限HTTPS)：

elb https only listener setting

NGINX设置如下：

user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    include         /etc/nginx/mime.types;
    default_type    application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                  '$status $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;

    keepalive_timeout   65;
    types_hash_max_size 2048;

    include /etc/nginx/conf.d/*.conf;

    index   index.html index.htm;

    upstream my_server {
        server localhost:8000;
    }

    server {

        listen       80;
        server_name  <server name>;
        access_log   /etc/nginx/log/local-wc.access.log;
        error_log    /etc/nginx/log/local-wc.error.log;
        root /usr/share/nginx/html;

        location /api/v1 {
            proxy_pass          http://my_server/api/v1;
            proxy_redirect      off;
            proxy_set_header    Host            $host;
            proxy_set_header    X-Real-IP       $remote_addr;
            proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header    X-Forwarded-Protocol $scheme;
        }
    }
}

<服务器名称>是指向elb DNS名称的CNAME.

换句话说,<服务器名称> => xxxx-123456789.us-west-2.elb.amazonaws.com(记录).
每个API调用都是通过https：//< server name> / api / v1 / *进行的

最后Gunicorn正在经营：
gunicorn my_django_app.wsgi：application -w 1 -b 127.0.0.1:8000 -t 300 –max-requests = 100

和Django设置是：

ALLOWED_HOSTS = ['*']
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO','https')

MIDDLEWARE_CLASSES = (
    'django.contrib.sessions.middleware.SessionMiddleware','django.middleware.common.CommonMiddleware','django.middleware.csrf.CsrfViewMiddleware','django.contrib.auth.middleware.AuthenticationMiddleware','django.contrib.auth.middleware.SessionAuthenticationMiddleware','django.contrib.messages.middleware.MessageMiddleware','django.middleware.security.SecurityMiddleware',)

查看功能如下(使用CSRF免除)：

class UserViewSet(CsrfExemptMixin,mixins.CreateModelMixin,mixins.ListModelMixin,mixins.RetrieveModelMixin,mixins.UpdateModelMixin,viewsets.GenericViewSet):

    # already tried @csrf_exempt
    def create(self,request,*args,**kwargs):
        self.parser_classes = (FormParser,MultiPartParser,)
        .........

再次出问题：

当我发送

curl -i -k -X POST -H "Accept: application/json" 
    -F "email=myemail@email.com" 
    -F "profile_img=@profile.jpg" 
    https://<server name>/api/v1/users/

在我的Django日志中：

[WARNING] django.request: Forbidden (Referer checking failed - no Referer.): /api/v1/users/

它适用于HTTP上的POST或HTTPS上的GET方法.

我想知道ELB配置是错误的还是Nginx配置错误的引用…
如果有人帮我解决这个问题,我将不胜感激.