From 1ae26649842448231e4a1567093baa1bda18af4b Mon Sep 17 00:00:00 2001
From: godd0t <lirrishala@gmail.com>
Date: Wed, 10 May 2023 12:29:36 +0200
Subject: [PATCH] update

---
 env.example                       | 2 +-
 src/project_name/settings/base.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/env.example b/env.example
index 826a741..a8754f4 100644
--- a/env.example
+++ b/env.example
@@ -7,7 +7,7 @@ APP_ENV=dev
 DEBUG=True
 DJANGO_SETTINGS_MODULE=project_name.settings.dev
 ALLOWED_HOSTS='app.backend.dev'
-CSRF_TRUSTED_ORIGINS='http://app.backend.dev'
+CSRF_TRUSTED_ORIGINS='https://*.backend.dev'
 CORS_ALLOWED_ORIGINS=http://app.backend.dev,http://localhost:3000
 
 # Postgres configuration variables
diff --git a/src/project_name/settings/base.py b/src/project_name/settings/base.py
index df15497..3653ba2 100644
--- a/src/project_name/settings/base.py
+++ b/src/project_name/settings/base.py
@@ -12,11 +12,11 @@ DEBUG = os_getenv("DEBUG", "true").lower() in ["True", "true", "1", "yes", "y"]
 
 ALLOWED_HOSTS = os_getenv("ALLOWED_HOSTS", "localhost").split(",")
 
-CSRF_TRUSTED_ORIGINS = os_getenv("CSRF_TRUSTED_ORIGINS", "http://localhost").split(",")
 
 if DEBUG:
     CORS_ORIGIN_ALLOW_ALL = True
 else:
+    CSRF_TRUSTED_ORIGINS = os_getenv("CSRF_TRUSTED_ORIGINS", "http://localhost").split(",")
     CORS_ALLOWED_ORIGINS = os_getenv("CORS_ALLOWED_ORIGINS", "http://localhost").split(",")
 
 # Application definition