From 6c58af24fdb27db5d0cdfea2ebb7f1af247a390e Mon Sep 17 00:00:00 2001 From: Muhammad Farhan Date: Tue, 22 Oct 2024 12:50:52 +0500 Subject: [PATCH] chore: Remove CSRF_TRUSTED_ORIGINS_WITH_SCHEMES variable --- cms/envs/common.py | 1 - cms/envs/production.py | 6 ------ lms/envs/common.py | 1 - lms/envs/production.py | 5 ----- lms/envs/test.py | 8 +------- 5 files changed, 1 insertion(+), 20 deletions(-) diff --git a/cms/envs/common.py b/cms/envs/common.py index 3942c9d68be2..dcdce9204212 100644 --- a/cms/envs/common.py +++ b/cms/envs/common.py @@ -866,7 +866,6 @@ CROSS_DOMAIN_CSRF_COOKIE_DOMAIN = '' CROSS_DOMAIN_CSRF_COOKIE_NAME = '' CSRF_TRUSTED_ORIGINS = [] -CSRF_TRUSTED_ORIGINS_WITH_SCHEME = [] #################### CAPA External Code Evaluation ############################# XQUEUE_WAITTIME_BETWEEN_REQUESTS = 5 # seconds diff --git a/cms/envs/production.py b/cms/envs/production.py index ad7667772f9a..627f82fcaec2 100644 --- a/cms/envs/production.py +++ b/cms/envs/production.py @@ -13,7 +13,6 @@ import warnings import yaml -import django from django.core.exceptions import ImproperlyConfigured from django.urls import reverse_lazy from edx_django_utils.plugins import add_plugins @@ -239,11 +238,6 @@ def get_env_setting(setting): # by end users. CSRF_COOKIE_SECURE = ENV_TOKENS.get('CSRF_COOKIE_SECURE', False) -# values are already updated above with default CSRF_TRUSTED_ORIGINS values but in -# case of new django version these values will override. -if django.VERSION[0] >= 4: # for greater than django 3.2 use schemes. - CSRF_TRUSTED_ORIGINS = ENV_TOKENS.get('CSRF_TRUSTED_ORIGINS_WITH_SCHEME', []) - #Email overrides MKTG_URL_LINK_MAP.update(ENV_TOKENS.get('MKTG_URL_LINK_MAP', {})) MKTG_URL_OVERRIDES.update(ENV_TOKENS.get('MKTG_URL_OVERRIDES', MKTG_URL_OVERRIDES)) diff --git a/lms/envs/common.py b/lms/envs/common.py index b59d60c751f2..bb363384523b 100644 --- a/lms/envs/common.py +++ b/lms/envs/common.py @@ -3397,7 +3397,6 @@ def _make_locale_paths(settings): # pylint: disable=missing-function-docstring # end users CSRF_COOKIE_SECURE = False CSRF_TRUSTED_ORIGINS = [] -CSRF_TRUSTED_ORIGINS_WITH_SCHEME = [] CROSS_DOMAIN_CSRF_COOKIE_DOMAIN = '' CROSS_DOMAIN_CSRF_COOKIE_NAME = '' diff --git a/lms/envs/production.py b/lms/envs/production.py index 6dc6be634178..7aebbf080bb3 100644 --- a/lms/envs/production.py +++ b/lms/envs/production.py @@ -22,7 +22,6 @@ import os import yaml -import django from django.core.exceptions import ImproperlyConfigured from edx_django_utils.plugins import add_plugins from openedx_events.event_bus import merge_producer_configs @@ -368,10 +367,6 @@ def get_env_setting(setting): # Determines which origins are trusted for unsafe requests eg. POST requests. CSRF_TRUSTED_ORIGINS = ENV_TOKENS.get('CSRF_TRUSTED_ORIGINS', []) -# values are already updated above with default CSRF_TRUSTED_ORIGINS values but in -# case of new django version these values will override. -if django.VERSION[0] >= 4: # for greater than django 3.2 use schemes. - CSRF_TRUSTED_ORIGINS = ENV_TOKENS.get('CSRF_TRUSTED_ORIGINS_WITH_SCHEME', []) ############# CORS headers for cross-domain requests ################# diff --git a/lms/envs/test.py b/lms/envs/test.py index a9e8aaf9f2e2..844e2f31afe6 100644 --- a/lms/envs/test.py +++ b/lms/envs/test.py @@ -650,10 +650,4 @@ SURVEY_REPORT_ENABLE = True ANONYMOUS_SURVEY_REPORT = False -CSRF_TRUSTED_ORIGINS = ['.example.com'] -CSRF_TRUSTED_ORIGINS_WITH_SCHEME = ['https://*.example.com'] - -# values are already updated above with default CSRF_TRUSTED_ORIGINS values but in -# case of new django version these values will override. -if django.VERSION[0] >= 4: # for greater than django 3.2 use with schemes. - CSRF_TRUSTED_ORIGINS = CSRF_TRUSTED_ORIGINS_WITH_SCHEME +CSRF_TRUSTED_ORIGINS = ['https://*.example.com']