From e5a9b9aa50269696547d19cbf7dfa68cb7bda565 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Kucharczyk?= Date: Sun, 8 Jan 2023 14:35:28 +0000 Subject: [PATCH] Fix CSRF error (#22) Fixes #21 Reviewed-on: https://git.kucharczyk.xyz/lukas/timetracker/pulls/22 --- CHANGELOG.md | 4 ++++ Dockerfile | 2 +- pyproject.toml | 2 +- src/web/web/settings.py | 9 +++++---- 4 files changed, 11 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f71930a..a8f1516 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.3 / 2023-01-08 15:23+01:00 + +* Fix CSRF error (https://git.kucharczyk.xyz/lukas/timetracker/pulls/22) + ## 0.1.2 / 2023-01-07 22:05+01:00 * Switch to Uvicorn/Gunicorn + Caddy (https://git.kucharczyk.xyz/lukas/timetracker/pulls/4) diff --git a/Dockerfile b/Dockerfile index 3439f94..8aa0b50 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ RUN npm install && \ FROM python:3.10.9-alpine -ENV VERSION_NUMBER 0.1.2 +ENV VERSION_NUMBER 0.1.3 ENV PROD 1 RUN apk add \ diff --git a/pyproject.toml b/pyproject.toml index 55795fa..0e7cd4f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "timetracker" -version = "0.1.2" +version = "0.1.3" description = "A simple time tracker." authors = ["Lukáš Kucharczyk "] license = "GPL" diff --git a/src/web/web/settings.py b/src/web/web/settings.py index 2010421..a0ca0ac 100644 --- a/src/web/web/settings.py +++ b/src/web/web/settings.py @@ -145,7 +145,8 @@ LOGGING = { }, } -CSRF_TRUSTED_ORIGINS = [] - -if os.environ.get("PROD"): - CSRF_TRUSTED_ORIGINS.append(os.environ.get("CSRF_TRUSTED_ORIGINS")) +_csrf_trusted_origins = os.environ.get("CSRF_TRUSTED_ORIGINS") +if _csrf_trusted_origins: + CSRF_TRUSTED_ORIGINS = _csrf_trusted_origins.split(",") +else: + CSRF_TRUSTED_ORIGINS = []