klbr/khoj
1
0
Fork 0
mirror of https://github.com/khoaliber/khoj.git synced 2026-03-09 05:39:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

CSRF Cookie not set error in prod. Try fixing https forwarding for mitigation

Browse Source
This commit is contained in:
sabaimran
2023-12-17 12:55:18 +05:30
parent 61dde8ed89
commit 0459666beb
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/khoj/app/settings.py
View File

@@ -33,6 +33,9 @@ ALLOWED_HOSTS = [f".{KHOJ_DOMAIN}", "localhost", "127.0.0.1", "[::1]"]
CSRF_TRUSTED_ORIGINS = [ CSRF_TRUSTED_ORIGINS = [
f"https://*.{KHOJ_DOMAIN}", f"https://*.{KHOJ_DOMAIN}",
f"https://{KHOJ_DOMAIN}", f"https://{KHOJ_DOMAIN}",
f"http://*.{KHOJ_DOMAIN}",
f"http://{KHOJ_DOMAIN}",
f"https://app.{KHOJ_DOMAIN}",
] ]
COOKIE_SAMESITE = "None" COOKIE_SAMESITE = "None"
@@ -42,6 +45,7 @@ if DEBUG or os.getenv("KHOJ_DOMAIN") == None:
else: else:
SESSION_COOKIE_DOMAIN = KHOJ_DOMAIN SESSION_COOKIE_DOMAIN = KHOJ_DOMAIN
CSRF_COOKIE_DOMAIN = KHOJ_DOMAIN CSRF_COOKIE_DOMAIN = KHOJ_DOMAIN
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTOCOL", "https")
SESSION_COOKIE_SECURE = True SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True CSRF_COOKIE_SECURE = True