From abcc6f616e7d507550c5c6a440787b288f309515 Mon Sep 17 00:00:00 2001 From: Sklup55 <85282385+Sklup55@users.noreply.github.com> Date: Wed, 27 Dec 2023 15:39:49 +0530 Subject: [PATCH] updates made for lab to run without 'CSRF errors' Below updates required to run the Week 5 K8S deployment lab correctly (without CSRF error) 1. Below line has been removed -> 'django.middleware.csrf.CsrfViewMiddleware', 2. ALLOWED_HOSTS section - codes updated 3. CSRF_TRUSTED_ORIGINS section - code newly added --- server/djangobackend/settings.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/server/djangobackend/settings.py b/server/djangobackend/settings.py index ff43f444a8..6c6fe6a78b 100644 --- a/server/djangobackend/settings.py +++ b/server/djangobackend/settings.py @@ -27,7 +27,9 @@ APPEND_SLASH = True -ALLOWED_HOSTS = ["localhost"] +ALLOWED_HOSTS = ['localhost',''] + +CSRF_TRUSTED_ORIGINS = [''] # Application definition @@ -46,7 +48,6 @@ 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', - 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware',