CSRF Cookie not set error in prod. Try fixing https forwarding for mitigation

sabaimran 2023-12-17 12:55:18 +05:30
parent 61dde8ed89
commit 0459666beb


@ -33,6 +33,9 @@ ALLOWED_HOSTS = [f".{KHOJ_DOMAIN}", "localhost", "127.0.0.1", "[::1]"]
CSRF_TRUSTED_ORIGINS = [
f"https://*.{KHOJ_DOMAIN}",
f"https://{KHOJ_DOMAIN}",
f"http://*.{KHOJ_DOMAIN}",
f"http://{KHOJ_DOMAIN}",
f"https://app.{KHOJ_DOMAIN}",
]
COOKIE_SAMESITE = "None"
@ -42,6 +45,7 @@ if DEBUG or os.getenv("KHOJ_DOMAIN") == None:
else:
SESSION_COOKIE_DOMAIN = KHOJ_DOMAIN
CSRF_COOKIE_DOMAIN = KHOJ_DOMAIN
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTOCOL", "https")
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
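Review bot: `SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTOCOL", "https")` in the production `else:` branch makes Django treat any request carrying `X-Forwarded-Protocol: https` as secure, so it is only safe if the reverse proxy sets that exact header itself and strips any client-supplied copy; the proxy configuration is not visible here. Many proxies send `X-Forwarded-Proto` instead, in which case this setting would not take effect for proxied traffic while still trusting a header the proxy never overwrites. Please confirm the header name against the proxy and, if it sends the common form, use `SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")`, with a comment such as `# Proxy must overwrite this header on every request; Django trusts it for request.is_secure()`. The enclosing `if DEBUG or ...` block starts outside this hunk.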