Skip to content

Commit

Permalink
Add CSRF_TRUSTED_ORIGINS setting
Browse files Browse the repository at this point in the history
  • Loading branch information
@bartacc
bartacc committed Nov 20, 2024
1 parent 9c10dad commit 8d068eb
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions app/server/settings/common.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@ def random_string(length=10):
DEBUG = False

ALLOWED_HOSTS = os.environ.get("HOSTS", "staging.zosia.org").split(",")
CSRF_TRUSTED_ORIGINS = [f"https://*.{host}" for host in ALLOWED_HOSTS]

AUTH_USER_MODEL = "users.User"

Expand Down
1 change: 1 addition & 0 deletions app/server/settings/dev.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,3 +54,4 @@
# Especially room.js makes heavy use of it
INTERNAL_IPS = ['127.0.0.1']
ALLOWED_HOSTS = ['127.0.0.1', '0.0.0.0', 'localhost']
CSRF_TRUSTED_ORIGINS = [f"http://*.{host}" for host in ALLOWED_HOSTS]

0 comments on commit 8d068eb

Please sign in to comment.