From dbd8425fc7fc1974d553904d90afa49b37cc0f21 Mon Sep 17 00:00:00 2001
From: Walter <walter@walter.lol>
Date: Fri, 21 Feb 2025 03:10:49 +0100
Subject: [PATCH] attempt to fix csrf bug

---
 app/settings/settings.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/app/settings/settings.py b/app/settings/settings.py
index dcbc284..4e80371 100644
--- a/app/settings/settings.py
+++ b/app/settings/settings.py
@@ -31,9 +31,12 @@ def load_insecure_key():
 
 SECRET_KEY = os.environ.get("DJANGO_SECRET_KEY") or load_insecure_key()
 ALLOWED_HOSTS = os.environ.get("DJANGO_ALLOWED_HOSTS", "*").split(" ")
+CSRF_TRUSTED_ORIGINS = list(f"https://{x.replace('https://', '')}" for x in os.environ.get("DJANGO_ALLOWED_HOSTS", "*").split(" "))
 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
 
-print(f"{DEBUG=}, {ALLOWED_HOSTS=}")
+print(f"{DEBUG=}")
+print(f"{ALLOWED_HOSTS=}")
+print(f"{CSRF_TRUSTED_ORIGINS=}")
 
 # Application definition