From c1e183fbb32e4e94d2f71421f73bfa644266d66d Mon Sep 17 00:00:00 2001
From: Ernesto Rico Schmidt <ernesto@helsinki.at>
Date: Sat, 10 Jun 2023 08:40:58 -0400
Subject: [PATCH] fix: add CSRF_TRUSTED_ORIGINS

---
 steering/settings.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/steering/settings.py b/steering/settings.py
index 6f1653cb..13440640 100644
--- a/steering/settings.py
+++ b/steering/settings.py
@@ -200,6 +200,9 @@ AURA_HOST = os.getenv("AURA_HOST", default="localhost")
 
 SITE_URL = f"{AURA_PROTO}://{AURA_HOST}:{PORT}" if PORT else f"{AURA_PROTO}://{AURA_HOST}"
 
+if AURA_PROTO == "https":
+    CSRF_TRUSTED_ORIGINS = [f"{AURA_PROTO}://{AURA_HOST}"]
+
 LOGGING = {
     "version": 1,
     "disable_existing_loggers": False,
-- 
GitLab