fix(library-authoring): the MFE was not on the CSRF allowlist (#22)

openedx · Mar 20, 2024 · d5a7d3a · d5a7d3a
1 parent 44a1cf6
commit d5a7d3a
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 0 deletions.
diff --git a/...ibrary-authoring-mfe/tutor_library_authoring_mfe/patches/openedx-cms-development-settings b/...ibrary-authoring-mfe/tutor_library_authoring_mfe/patches/openedx-cms-development-settings
@@ -1,3 +1,4 @@
 LIBRARY_AUTHORING_MICROFRONTEND_URL = "http://{{ MFE_HOST }}:{{ get_mfe('library-authoring')['port'] }}/library-authoring/"
 CORS_ORIGIN_WHITELIST.append("http://{{ MFE_HOST }}:{{ get_mfe('library-authoring')['port'] }}")
 LOGIN_REDIRECT_WHITELIST.append("{{ MFE_HOST }}:{{ get_mfe('library-authoring')['port'] }}")
+CSRF_TRUSTED_ORIGINS.append("http://{{ MFE_HOST }}:{{ get_mfe('library-authoring')['port'] }}")
diff --git a/...library-authoring-mfe/tutor_library_authoring_mfe/patches/openedx-cms-production-settings b/...library-authoring-mfe/tutor_library_authoring_mfe/patches/openedx-cms-production-settings
@@ -1,3 +1,4 @@
 LIBRARY_AUTHORING_MICROFRONTEND_URL = "{% if ENABLE_HTTPS %}https://{% else %}http://{% endif %}{{ MFE_HOST }}/library-authoring/"
 CORS_ORIGIN_WHITELIST.append("{% if ENABLE_HTTPS %}https://{% else %}http://{% endif %}{{ MFE_HOST }}")
 LOGIN_REDIRECT_WHITELIST.append("{{ MFE_HOST }}")
+CSRF_TRUSTED_ORIGINS.append("{% if ENABLE_HTTPS %}https://{% else %}http://{% endif %}{{ MFE_HOST }}")