admin/40204-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1.0.2

Browse Source
This commit is contained in:
Flatlogic Bot 2026-06-04 17:14:08 +00:00
parent f3690a8b42
commit a0758d4015
2 changed files with 18 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
config/__pycache__/settings.cpython-311.pyc
View File

Binary file not shown.

23
config/settings.py
View File

@ -20,21 +20,34 @@ load_dotenv(BASE_DIR.parent / ".env")
SECRET_KEY = os.getenv("DJANGO_SECRET_KEY", "change-me") SECRET_KEY = os.getenv("DJANGO_SECRET_KEY", "change-me")
DEBUG = os.getenv("DJANGO_DEBUG", "true").lower() == "true" DEBUG = os.getenv("DJANGO_DEBUG", "true").lower() == "true"
def _host_from_env(value):
return value.replace("https://", "").replace("http://", "").split("/")[0].strip()
ALLOWED_HOSTS = [ ALLOWED_HOSTS = [
"127.0.0.1", host for host in [
"localhost", "127.0.0.1",
os.getenv("HOST_FQDN", ""), "localhost",
".appwizzy.dev",
".dev.flatlogic.app",
_host_from_env(os.getenv("HOST_FQDN", "")),
_host_from_env(os.getenv("FULL_DOMAIN", "")),
] if host
] ]
CSRF_TRUSTED_ORIGINS = [ CSRF_TRUSTED_ORIGINS = [
origin for origin in [ origin for origin in [
"https://*.appwizzy.dev",
"http://*.appwizzy.dev",
"https://*.dev.flatlogic.app",
os.getenv("HOST_FQDN", ""), os.getenv("HOST_FQDN", ""),
os.getenv("FULL_DOMAIN", ""),
os.getenv("CSRF_TRUSTED_ORIGIN", "") os.getenv("CSRF_TRUSTED_ORIGIN", "")
] if origin ] if origin
] ]
CSRF_TRUSTED_ORIGINS = [ CSRF_TRUSTED_ORIGINS = [
f"https://{host}" if not host.startswith(("http://", "https://")) else host f"https://{origin}" if not origin.startswith(("http://", "https://")) else origin
for host in CSRF_TRUSTED_ORIGINS for origin in CSRF_TRUSTED_ORIGINS
] ]
# Cookies must always be HTTPS-only; SameSite=Lax keeps CSRF working behind the proxy. # Cookies must always be HTTPS-only; SameSite=Lax keeps CSRF working behind the proxy.