From 17a6b3225e5aba111c65882c2b8177e78b0091d8 Mon Sep 17 00:00:00 2001
From: Peter Pfeufer <info@ppfeufer.de>
Date: Sun, 31 Jul 2022 16:43:57 +0200
Subject: [PATCH] Add `CSRF_TRUSTED_ORIGINS` to local.py

Addresses #1350
---
 .../project_template/project_name/settings/local.py         | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/allianceauth/project_template/project_name/settings/local.py b/allianceauth/project_template/project_name/settings/local.py
index 2004bdc1..47372927 100644
--- a/allianceauth/project_template/project_name/settings/local.py
+++ b/allianceauth/project_template/project_name/settings/local.py
@@ -13,6 +13,12 @@ STATIC_ROOT = "/var/www/{{ project_name }}/static/"
 # in page titles and the site header.
 SITE_NAME = '{{ project_name }}'
 
+# This is your websites URL, set it accordingly
+SITE_URL = "https://example.com"
+
+# Django security
+CSRF_TRUSTED_ORIGINS = [SITE_URL]
+
 # Change this to enable/disable debug mode, which displays
 # useful error messages but can leak sensitive data.
 DEBUG = False