Attempt to remove CSRF verification error that came with Django 4.x

Godsmith · Jul 23, 2023 · cc65e6d · cc65e6d
1 parent 75dd717
commit cc65e6d
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/dinrplan/settings.py b/dinrplan/settings.py
@@ -45,6 +45,11 @@
 
 ALLOWED_HOSTS = ["0.0.0.0", ".localhost", "127.0.0.1", "[::1]", "dinrplan.fly.dev"]
 
+# Needed to avoid CSRF verification failed in Django 4.x
+# See https://docs.djangoproject.com/en/4.0/ref/settings/#secure-proxy-ssl-header
+# and https://stackoverflow.com/a/71482883/584503
+SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
+
 # Application definition
 
 INSTALLED_APPS = [