diff options
Diffstat (limited to 'ded/settings.py')
| -rw-r--r-- | ded/settings.py | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/ded/settings.py b/ded/settings.py index b2b1da0..f9c3e8a 100644 --- a/ded/settings.py +++ b/ded/settings.py @@ -16,13 +16,18 @@ BASE_DIR = Path(__file__).resolve().parent.parent # For staging (on OpenShift) # was getting 403, CSRF verification failed error +# doesn't work CSRF_COOKIE_SECURE = True SESSION_COOKIE_SECURE = True +CSRF_TRUSTED_ORIGINS = [ + 'https://*.apps.ocp1.azure.dso.digital.mod.uk', +] # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/4.0/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! +# TODO Replace with environment variable SECRET_KEY = "django-insecure-z*tv24r*)-$q*l1=l64))qocs1x$*10c&6w_@ld^dw#=q#ndy2" # SECURITY WARNING: don't run with debug turned on in production! |