Public/bloonsworld
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

attempt to fix csrf bug

Browse Source
This commit is contained in:
Walter 2025-02-21 03:10:49 +01:00
parent 532a2815c8
commit dbd8425fc7
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
app/settings/settings.py
View File

@ -31,9 +31,12 @@ def load_insecure_key():
SECRET_KEY = os.environ.get("DJANGO_SECRET_KEY") or load_insecure_key() SECRET_KEY = os.environ.get("DJANGO_SECRET_KEY") or load_insecure_key()
ALLOWED_HOSTS = os.environ.get("DJANGO_ALLOWED_HOSTS", "*").split(" ") ALLOWED_HOSTS = os.environ.get("DJANGO_ALLOWED_HOSTS", "*").split(" ")
CSRF_TRUSTED_ORIGINS = list(f"https://{x.replace('https://', '')}" for x in os.environ.get("DJANGO_ALLOWED_HOSTS", "*").split(" "))
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https") SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
print(f"{DEBUG=}, {ALLOWED_HOSTS=}") print(f"{DEBUG=}")
print(f"{ALLOWED_HOSTS=}")
print(f"{CSRF_TRUSTED_ORIGINS=}")
# Application definition # Application definition