From f6703b325bf47dc0b3365fdef30906060a6dc171 Mon Sep 17 00:00:00 2001
From: ngfchl <ngfchl@126.com>
Date: Fri, 7 Oct 2022 20:06:30 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0HTTPS=5FDOMAINS=E7=8E=AF?=
 =?UTF-8?q?=E5=A2=83=E5=8F=98=E9=87=8F=EF=BC=8C=E7=94=A8=E4=BA=8E=E8=AE=BE?=
 =?UTF-8?q?=E5=AE=9A=E5=8F=8D=E5=90=91=E4=BB=A3=E7=90=86=E5=9F=9F=E5=90=8D?=
 =?UTF-8?q?=EF=BC=8C=E8=A7=A3=E5=86=B3CSRF=E4=B8=AD=E6=96=AD=E9=97=AE?=
 =?UTF-8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ptools/settings.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ptools/settings.py b/ptools/settings.py
index a4f6ea3..1107180 100644
--- a/ptools/settings.py
+++ b/ptools/settings.py
@@ -35,6 +35,9 @@ SECRET_KEY = 'django-insecure-6wrh^t$@gbb^s^=79@%cv=%yhq6gl^kane#g@-n-*n6+s1lo2f
 DEBUG = True
 
 ALLOWED_HOSTS = ['*']
+CORS_ORIGIN_ALLOW_ALL = True
+if os.environ.get('HTTPS_DOMAINS'):
+    CSRF_TRUSTED_ORIGINS = [os.environ.get('HTTPS_DOMAINS'), ]
 
 # Application definition