altf4arnold/datatracker
1
0
Fork 0
Code Issues Pull requests Actions 4 Packages Projects Releases Wiki Activity

fix: Add numeric localhost addresses to CSRF_TRUSTED_ORIGINS (#5989)

Browse source
This commit is contained in:
Lars Eggert 2023-07-19 17:55:22 +03:00 committed by GitHub
parent 9d5d9d5172
commit d8c0ae5faf
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ietf/settings.py
View file

@ -1295,6 +1295,6 @@ if SERVER_MODE != 'production':
# Cannot have this set to True if we're using http: from the dev-server:
CSRF_COOKIE_SECURE = False
CSRF_COOKIE_SAMESITE = 'Lax'
CSRF_TRUSTED_ORIGINS += ['http://localhost:8000']
CSRF_TRUSTED_ORIGINS += ['http://localhost:8000', 'http://127.0.0.1:8000', 'http://[::1]:8000']
SESSION_COOKIE_SECURE = False
SESSION_COOKIE_SAMESITE = 'Lax'