Pass CSRF_TRUSTED_ORIGINS via environment variable

2025-10-20 23:12:37 +08:00
parent f48aa5b794
commit d52b3d1476
3 changed files with 3 additions and 0 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -22,6 +22,7 @@ services:
      - postgres_password
    environment:
      SECRET_KEY_FILE: /run/secrets/web_secret_key
+      CSRF_TRUSTED_ORIGINS:
      POSTGRES_HOST: postgres
      POSTGRES_PORT: 5432
      POSTGRES_DATABASE: url_shortener
--- a/example.env
+++ b/example.env
@@ -1,4 +1,5 @@
 SECRET_KEY=
+CSRF_TRUSTED_ORIGINS=

 POSTGRES_HOST=localhost
 POSTGRES_PORT=5432
--- a/url_shortener/settings.py
+++ b/url_shortener/settings.py
@@ -31,6 +31,7 @@ SECRET_KEY = os.getenv("SECRET_KEY", "")
 DEBUG = os.getenv("DEBUG", "0") != "0"

 ALLOWED_HOSTS = ["*"]
+CSRF_TRUSTED_ORIGINS = os.getenv("CSRF_TRUSTED_ORIGINS", "").split(",")

 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")