From 8fb0b92cdfb6f33651670a0c9072fef64920d1f2 Mon Sep 17 00:00:00 2001 From: SKairinos Date: Fri, 20 Dec 2024 08:49:10 +0000 Subject: [PATCH] fix: CSRF_TRUSTED_ORIGINS --- settings.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/settings.py b/settings.py index 16f8633..646b44a 100644 --- a/settings.py +++ b/settings.py @@ -57,4 +57,7 @@ SESSION_ENGINE = "api.models.session" -CSRF_HEADER_NAME = "HTTP_CSRFTOKEN" +CSRF_TRUSTED_ORIGINS = [] +if ENV != "local": + CSRF_TRUSTED_ORIGINS.append(SERVICE_SITE_URL.removeprefix("https://")) + print(f"CSRF_TRUSTED_ORIGINS = {CSRF_TRUSTED_ORIGINS}")