Skip to content

Commit 325a0c1

Browse files
author
Taylor Payne
authored
fix: update mock config to include scheme for csrf domains (#37120)
Since the scheme must be included for the CSRF_TRUSTED_ORIGINS setting since Django 4.0, this changes the values in the mock.yml configuration files to use the scheme for the values under CSRF_TRUSTED_ORIGINS. We match the values defined under CSRF_TRUSTED_ORIGINS_WITH_SCHEME key. lms/envs/production.py pulls from CSRF_TRUSTED_ORIGINS_WITH_SCHEME in the YAML config to set the CSRF_TRUSTED_ORIGINS setting , but cms/envs/production.py pulls from CSRF_TRUSTED_ORIGINS in the YAML. So, this change fixes the CMS when run with mock.yml.
1 parent 4a9fc77 commit 325a0c1

2 files changed

Lines changed: 2 additions & 2 deletions

File tree

cms/envs/mock.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -246,7 +246,7 @@ CROSS_DOMAIN_CSRF_COOKIE_DOMAIN: .localhost
246246
CROSS_DOMAIN_CSRF_COOKIE_NAME: csrftoken
247247
CSRF_COOKIE_SECURE: true
248248
CSRF_TRUSTED_ORIGINS:
249-
- .localhost
249+
- https://*.localhost
250250
CSRF_TRUSTED_ORIGINS_WITH_SCHEME:
251251
- https://*.localhost
252252
DATABASES:

lms/envs/mock.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -329,7 +329,7 @@ CROSS_DOMAIN_CSRF_COOKIE_DOMAIN: ''
329329
CROSS_DOMAIN_CSRF_COOKIE_NAME: ''
330330
CSRF_COOKIE_SECURE: true
331331
CSRF_TRUSTED_ORIGINS:
332-
- .sandbox.localhost
332+
- https://*.sandbox.localhost
333333
CSRF_TRUSTED_ORIGINS_WITH_SCHEME:
334334
- https://*.sandbox.localhost
335335
DASHBOARD_COURSE_LIMIT: 250

0 commit comments

Comments
 (0)