diff --git a/.env.example b/.env.example
index 8a7e3f4..9305642 100644
--- a/.env.example
+++ b/.env.example
@@ -1,4 +1,5 @@
 DJANGO_ALLOWED_HOSTS=localhost 127.0.0.1 [::1] vf bloons.walter.lol
+DJANGO_CSRF_TRUSTED_ORIGINS=bloons.walter.lol
 DJANGO_SECRET_KEY=password123
 DJANGO_DEBUG=1
 SQL_ENGINE=django.db.backends.postgresql
diff --git a/app/settings/settings.py b/app/settings/settings.py
index 4e80371..353c44a 100644
--- a/app/settings/settings.py
+++ b/app/settings/settings.py
@@ -31,7 +31,7 @@ def load_insecure_key():
 
 SECRET_KEY = os.environ.get("DJANGO_SECRET_KEY") or load_insecure_key()
 ALLOWED_HOSTS = os.environ.get("DJANGO_ALLOWED_HOSTS", "*").split(" ")
-CSRF_TRUSTED_ORIGINS = list(f"https://{x.replace('https://', '')}" for x in os.environ.get("DJANGO_ALLOWED_HOSTS", "*").split(" "))
+CSRF_TRUSTED_ORIGINS = list(f"https://{x.replace('https://', '')}" for x in os.environ.get("DJANGO_CSRF_TRUSTED_ORIGINS", "*").split(" "))
 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
 
 print(f"{DEBUG=}")
diff --git a/docker-compose-example.yml b/docker-compose-example.yml
index 53b0132..c5ce3f0 100644
--- a/docker-compose-example.yml
+++ b/docker-compose-example.yml
@@ -14,6 +14,7 @@ services:
       - DJANGO_SECRET_KEY
       - DJANGO_ALLOWED_HOSTS
       - DJANGO_DEBUG
+      - DJANGO_CSRF_TRUSTED_ORIGINS
       - SQL_ENGINE
       - SQL_DATABASE
       - SQL_USER