mirror/etesync-server
0
0
Fork 0
mirror of https://github.com/etesync/server.git synced 2024-09-19 20:32:16 +02:00
Code

added CSRF_TRUSTED_ORIGINS (#183)

Browse Source 
Since some recent upgrade, I'm not able to login to the admin page of etesync (`/admin/login/`), because the CSRF check fails.


After adding `CSRF_TRUSTED_ORIGINS = ['https://my-domain.com']`, it works.
According to the [docs](https://docs.djangoproject.com/en/4.2/ref/settings/#csrf-trusted-origins), this setting is required in addition to `ALLOWED_HOSTS`.
This commit is contained in:
Craeckie 2024-06-09 20:27:49 +00:00 committed by GitHub
parent 2deb59e932
commit 19aba5345a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
etebase_server/settings.py
View File

@ -164,6 +164,8 @@ if any(os.path.isfile(x) for x in config_locations):
if "allowed_hosts" in config:
ALLOWED_HOSTS = [y for x, y in config.items("allowed_hosts")]
CSRF_TRUSTED_ORIGINS = ["https://" + y for x, y in config.items("allowed_hosts")] + \
["http://" + y for x, y in config.items("allowed_hosts")]
if "database" in config:
DATABASES = {"default": {x.upper(): y for x, y in config.items("database")}}