add CSRF trusted origins to settings and docker-compose environment

2025-11-29 23:08:35 +01:00
parent 598b10b574
commit 82bb8328c4
2 changed files with 7 additions and 0 deletions
--- a/backand/MPM/settings.py
+++ b/backand/MPM/settings.py
@@ -128,6 +128,9 @@ STATIC_ROOT = BASE_DIR / "staticfiles"
 USE_X_FORWARDED_HOST = True
 SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')

+# CSRF Trusted Origins
+CSRF_TRUSTED_ORIGINS = os.getenv("CSRF_TRUSTED_ORIGINS", "").split(",")
+
 # Default primary key field type
 # https://docs.djangoproject.com/en/5.2/ref/settings/#default-auto-field

--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -6,6 +6,10 @@ services:
      dockerfile: Dockerfile
    env_file:
      - ./backand/.env
+    environment:
+      - HOSTS=bartool.ovh,localhost
+      - CSRF_TRUSTED_ORIGINS=https://bartool.ovh
+      - NODE_ENV=production
    volumes:
      - static_content:/app/staticfiles
    ports: