From d8c0ae5fafbb4f0199f320f0f897c9606a3b3552 Mon Sep 17 00:00:00 2001
From: Lars Eggert <lars@eggert.org>
Date: Wed, 19 Jul 2023 17:55:22 +0300
Subject: [PATCH] fix: Add numeric localhost addresses to CSRF_TRUSTED_ORIGINS
 (#5989)

---
 ietf/settings.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ietf/settings.py b/ietf/settings.py
index 15ded9662..abb7cde1d 100644
--- a/ietf/settings.py
+++ b/ietf/settings.py
@@ -1295,6 +1295,6 @@ if SERVER_MODE != 'production':
     # Cannot have this set to True if we're using http: from the dev-server:
     CSRF_COOKIE_SECURE = False
     CSRF_COOKIE_SAMESITE = 'Lax'
-    CSRF_TRUSTED_ORIGINS += ['http://localhost:8000']
+    CSRF_TRUSTED_ORIGINS += ['http://localhost:8000', 'http://127.0.0.1:8000', 'http://[::1]:8000']
     SESSION_COOKIE_SECURE = False
     SESSION_COOKIE_SAMESITE = 'Lax'