From fb67e4207849bec21a7bfc70dd494d20d66fdb5a Mon Sep 17 00:00:00 2001
From: mpeltriaux <michel.peltriaux@sgdnord.rlp.de>
Date: Tue, 28 Nov 2023 12:59:40 +0100
Subject: [PATCH] # CSRF_TRUSTED_ORIGINS

* new in Django4: setting CSRF_TRUSTED_ORIGINS needs to be set to schema+host for new CSRF security handling
---
 konova/sub_settings/django_settings.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/konova/sub_settings/django_settings.py b/konova/sub_settings/django_settings.py
index 746df28..906cafe 100644
--- a/konova/sub_settings/django_settings.py
+++ b/konova/sub_settings/django_settings.py
@@ -42,6 +42,10 @@ ALLOWED_HOSTS = [
     "localhost",
 ]
 
+CSRF_TRUSTED_ORIGINS = [
+    "http://localhost",  # not only host but schema (http/s) as well!
+]
+
 # Authentication settings
 LOGIN_URL = "/login/"