fix: CORS_ORIGIN_WHITELIST was renamed to CORS_ALLOWED_ORIGINS

django-cors-headers renamed the setting for the allowed origins and even though it still supports the fallback the old setting as a fallback, we want to be one the safe side.

fix: CORS_ORIGIN_WHITELIST was renamed to CORS_ALLOWED_ORIGINS
35d9f03f · Konrad Mohrfeldt · bf736d39 · 35d9f03f
Commit 35d9f03f authored 2 years ago by Konrad Mohrfeldt
--- a/steering/settings.py
+++ b/steering/settings.py
@@ -30,9 +30,15 @@ MANAGERS = ADMINS
 # Must be set if DEBUG is False
 ALLOWED_HOSTS = env.list("ALLOWED_HOSTS", default=["127.0.0.1", "localhost"])
-# Whitelist IPs that access the API
+# Whitelist origins that access the API
-CORS_ORIGIN_WHITELIST = env.list(
+CORS_ALLOWED_ORIGINS = env.list(
-    "CORS_ORIGIN_WHITELIST", default=("http://localhost:8080", "http://localhost:8040")
+    "CORS_ALLOWED_ORIGINS",
+    default=env.list(
+        # This is for backwards compatibility as
+        # CORS_ALLOWED_ORIGINS was named CORS_ORIGIN_WHITELIST in the past.
+        "CORS_ORIGIN_WHITELIST",
+        default=("http://localhost:8080", "http://localhost:8040"),
+    ),
 )
 CORS_ALLOW_CREDENTIALS = True
 CORS_ALLOW_HEADERS = list(default_headers) + [