Fix CSRF error #22

Merged
lukas merged 2 commits from fix-csrf into main 2023-01-08 14:35:28 +00:00
4 changed files with 11 additions and 6 deletions

View File

@ -1,3 +1,7 @@
## 0.1.3 / 2023-01-08 15:23+01:00
* Fix CSRF error (https://git.kucharczyk.xyz/lukas/timetracker/pulls/22)
## 0.1.2 / 2023-01-07 22:05+01:00 ## 0.1.2 / 2023-01-07 22:05+01:00
* Switch to Uvicorn/Gunicorn + Caddy (https://git.kucharczyk.xyz/lukas/timetracker/pulls/4) * Switch to Uvicorn/Gunicorn + Caddy (https://git.kucharczyk.xyz/lukas/timetracker/pulls/4)

View File

@ -6,7 +6,7 @@ RUN npm install && \
FROM python:3.10.9-alpine FROM python:3.10.9-alpine
ENV VERSION_NUMBER 0.1.2 ENV VERSION_NUMBER 0.1.3
ENV PROD 1 ENV PROD 1
RUN apk add \ RUN apk add \

View File

@ -1,6 +1,6 @@
[tool.poetry] [tool.poetry]
name = "timetracker" name = "timetracker"
version = "0.1.2" version = "0.1.3"
description = "A simple time tracker." description = "A simple time tracker."
authors = ["Lukáš Kucharczyk <lukas@kucharczyk.xyz>"] authors = ["Lukáš Kucharczyk <lukas@kucharczyk.xyz>"]
license = "GPL" license = "GPL"

View File

@ -145,7 +145,8 @@ LOGGING = {
}, },
} }
_csrf_trusted_origins = os.environ.get("CSRF_TRUSTED_ORIGINS")
if _csrf_trusted_origins:
CSRF_TRUSTED_ORIGINS = _csrf_trusted_origins.split(",")
else:
CSRF_TRUSTED_ORIGINS = [] CSRF_TRUSTED_ORIGINS = []
if os.environ.get("PROD"):
CSRF_TRUSTED_ORIGINS.append(os.environ.get("CSRF_TRUSTED_ORIGINS"))