Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add CSRF_TUSTED_ORIGINS with scheme for Django 4.2 in all IDAs #459

Closed
15 of 21 tasks
iamsobanjaved opened this issue Sep 26, 2023 · 0 comments
Closed
15 of 21 tasks

Add CSRF_TUSTED_ORIGINS with scheme for Django 4.2 in all IDAs #459

iamsobanjaved opened this issue Sep 26, 2023 · 0 comments
Assignees
@UsamaSadiq @iamsobanjaved

Comments

@iamsobanjaved
Copy link
Member

iamsobanjaved commented Sep 26, 2023
edited by UsamaSadiq
Loading

In Django 4.0+, we now have to provide the scheme http:// or https:// with trusted origins as well. Read the following docs for more info. So to keep compatibility with Django 3.2 as we are currently on this version, we need to add a separate variable in YAML and add the condition to pick that variable once we reach Django 4.

In YAMLs

For example if currently CSRF_TRUSTED_ORIGINS looks like this

CSRF_TRUSTED_ORIGINS:
- .edx.org

Add a new variable CSRF_TRUSTED_ORIGINS_WITH_SCHEMES like this.

CSRF_TRUSTED_ORIGINS_WITH_SCHEMES:
- https://*.edx.org

In IDA's settings file (mostly production.py)

We need to have conditional settings for Django 4.

if django.VERSION[0] >= 4:  # for greater than django 3.2 use schemes.
    CSRF_TRUSTED_ORIGINS = CSRF_TRUSTED_ORIGINS_WITH_SCHEME

Release notes: https://docs.djangoproject.com/en/4.2/releases/4.0/#csrf-trusted-origins-changes

Django 4.0 Docs: https://docs.djangoproject.com/en/4.0/ref/settings/#csrf-trusted-origins

Django 3.2 Docs: https://docs.djangoproject.com/en/3.2/ref/settings/#csrf-trusted-origins

IDAs
Beta Give feedback
@github-project-automation github-project-automation bot moved this to Backlog in Arbi-BOM Sep 26, 2023
@iamsobanjaved iamsobanjaved moved this from Backlog to Todo in Arbi-BOM Sep 26, 2023
@iamsobanjaved iamsobanjaved mentioned this issue Sep 26, 2023
Open
@awais786 awais786 mentioned this issue Sep 26, 2023
Merged
@iamsobanjaved iamsobanjaved mentioned this issue Sep 26, 2023
Closed
This was referenced Oct 3, 2023
Merged
Merged
Closed
@UsamaSadiq UsamaSadiq moved this from Todo to In Progress in Arbi-BOM Oct 10, 2023
@github-project-automation github-project-automation bot moved this from In Progress to Done in Arbi-BOM Dec 6, 2023
@jristau1984 jristau1984 moved this from Done to Done - Long Term Storage in Arbi-BOM Sep 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@UsamaSadiq UsamaSadiq

@iamsobanjaved iamsobanjaved

Labels
None yet
Projects
Arbi-BOM
Status: Done - Long Term Storage
Milestone
No milestone
Development

No branches or pull requests
2 participants
@UsamaSadiq @iamsobanjaved