Skip to content

Commit

Permalink
🐛 Patch Django 4.0 CSRF Bug
Browse files Browse the repository at this point in the history
  • Loading branch information
@joyliu-q
joyliu-q committed Jan 3, 2024
1 parent 152773b commit 6347145
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions backend/Platform/settings/base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,6 +169,12 @@
# CORS Settings

CORS_ALLOW_ALL_ORIGINS = True
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")

# CSRF Settings
# TODO: I (Joy) don't know if this is the fix, or if it's the CORS settings above.

CSRF_TRUSTED_ORIGINS = [ f"https://*.{domain}" for domain in DOMAINS ]

# OAuth2 Settings

Expand Down

0 comments on commit 6347145

Please sign in to comment.