nginx + Gunicorn + Flask 架构中缺少 CSRF 会话令牌

我用flask开发的网站在gunicorn上运行良好，它使用flask_wtf来设置CSRF。登录和其他 html 页面正在使用 CSRF。

当我在 nginx 反向代理后面运行它时，我收到“CSRF 会话令牌丢失”的消息。错误。

由于gunicorn 上一切正常，我想问题出在我当前的 nginx 配置中。

遵循我正在使用的 nginx.conf：

'''

user ec2-user;
worker_processes auto;
error_log /var/log/nginx/error.log debug;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;
    error_log /var/log/nginx/error.log;
    

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   120;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    include /etc/nginx/conf.d/*.conf;



    ##
    # SSL Settings
    ##
    
    ssl_session_timeout 10m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

##
    # Gzip Settings
    ##

    gzip on;

    gzip_proxied any;
    gzip_min_length 500;
    gzip_disable "MSIE [1-6]\."
    gzip_http_version 1.1;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##
    
    upstream app_servers {
        server  127.0.0.1:8000;
    }   


    server {
        listen 80;
        return 301 https://$host$request_uri;   
    
    }

    server {
        listen 443 ssl;
        
        ssl_certificate /home/cert/cert.pem;
        ssl_certificate_key /home/cert/privkey.pem;
        keepalive_timeout 120;
        
        location / {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_connect_timeout   3;
            proxy_send_timeout      3;
            proxy_read_timeout      3;
            proxy_ignore_headers Set-Cookie;
            proxy_hide_header    Set-Cookie;
            proxy_cache                     off;
            proxy_pass http://app_servers;
            # Headers for client browser NOCACHE + CORS origin filter 
            proxy_cache                     off;
            proxy_pass http://app_servers;
            # set all cookies to secure, httponly and samesite by modifying "path"
                proxy_cookie_path / "/; secure; HttpOnly; SameSite=lax";
            expires -1;
            
        }
        
        location ^~ /static/ {
            root /home/ec2-user/blabla/application/;
        }

    }
'''

非常欢迎任何帮助、提示、建议如何进一步调查问题、如何跟踪请求。