From b495cae6cd428fcba76895f3262457a78b7bb689 Mon Sep 17 00:00:00 2001 From: Piotr Dobrowolski Date: Sun, 31 May 2020 01:15:24 +0200 Subject: [PATCH] fix csrf breaking proxies --- sso/settings.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sso/settings.py b/sso/settings.py index dedb314..b7c3a7a 100644 --- a/sso/settings.py +++ b/sso/settings.py @@ -6,6 +6,9 @@ env.read_env() SQLALCHEMY_TRACK_MODIFICATIONS = False WTF_CSRF_CHECK_DEFAULT = False +# This needs to be disabled when we use an additional proxy in front of our app +WTF_CSRF_SSL_STRICT = env.bool("WTF_CSRF_SSL_STRICT", default=False) + SECRET_KEY = env.str("SECRET_KEY", default="randomstring") db_username = env.str("DATABASE_USERNAME", default="postgres")