Add option to set CSRF_TRUSTED_ORIGINS (Django 4.0)

2022-09-14 11:04:47 -07:00 · 2022-09-14 11:04:47 -07:00 · e7fef3b2f8
commit e7fef3b2f8
parent e08c6e790b
2 changed files with 3 additions and 2 deletions
--- a/TEMPLATE.env
+++ b/TEMPLATE.env
@ -26,8 +26,9 @@ SERVER_EMAIL=Shynet <noreply@shynet.example.com>
 # General Django settings
 DJANGO_SECRET_KEY=random_string

-# For better security, set this to your deployment's domain. Comma separated.
+# For better security, set these to your deployment's domain. Comma separated.
 ALLOWED_HOSTS=*
+CSRF_TRUSTED_ORIGINS=*

 # Localization
 # https://docs.djangoproject.com/en/2.2/topics/i18n/
--- a/shynet/shynet/settings.py
+++ b/shynet/shynet/settings.py
@ -39,7 +39,7 @@ SECRET_KEY = os.getenv("DJANGO_SECRET_KEY", "onlyusethisindev")
 DEBUG = os.getenv("DEBUG", "False") == "True"

 ALLOWED_HOSTS = os.getenv("ALLOWED_HOSTS", "*").split(",")
-
+CSRF_TRUSTED_ORIGINS = os.getenv("CSRF_TRUSTED_ORIGINS", "*").split(",")

 # Application definition