From 9ee53b88b0ed76c071189b6f78c875e3594d86a9 Mon Sep 17 00:00:00 2001 From: Rohit Tulasyan Date: Thu, 19 Oct 2023 07:00:31 +0000 Subject: [PATCH] updated settings.py --- blango/settings.py | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/blango/settings.py b/blango/settings.py index f9209bef27..a3d5d2c9bc 100644 --- a/blango/settings.py +++ b/blango/settings.py @@ -9,7 +9,7 @@ For the full list of settings and their values, see https://docs.djangoproject.com/en/3.2/ref/settings/ """ - +import os from pathlib import Path # Build paths inside the project like this: BASE_DIR / 'subdir'. @@ -25,7 +25,14 @@ # SECURITY WARNING: don't run with debug turned on in production! DEBUG = True -ALLOWED_HOSTS = [] +ALLOWED_HOSTS = ['*'] +X_FRAME_OPTIONS = 'ALLOW-FROM ' + os.environ.get('CODIO_HOSTNAME') + '-8000.codio.io' +CSRF_COOKIE_SAMESITE = None +CSRF_TRUSTED_ORIGINS = ['https://' + os.environ.get('CODIO_HOSTNAME') + '-8000.codio.io'] +CSRF_COOKIE_SECURE = True +SESSION_COOKIE_SECURE = True +CSRF_COOKIE_SAMESITE = 'None' +SESSION_COOKIE_SAMESITE = 'None' # Application definition @@ -37,16 +44,17 @@ 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', + 'blog', ] MIDDLEWARE = [ 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', - 'django.middleware.csrf.CsrfViewMiddleware', + # 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', - 'django.middleware.clickjacking.XFrameOptionsMiddleware', + # 'django.middleware.clickjacking.XFrameOptionsMiddleware', ] ROOT_URLCONF = 'blango.urls'