From a4cb997c1118c10d46909b0ec973230042b97bb7 Mon Sep 17 00:00:00 2001 From: jhn27 Date: Fri, 19 Apr 2024 14:23:59 +1200 Subject: [PATCH 1/2] FIx prod jobe server CRSF origin issue --- csunplugged/config/settings/base.py | 5 ----- csunplugged/config/settings/local.py | 9 +++++++++ csunplugged/config/settings/production.py | 6 ++++++ csunplugged/config/settings/testing.py | 8 ++++++++ 4 files changed, 23 insertions(+), 5 deletions(-) diff --git a/csunplugged/config/settings/base.py b/csunplugged/config/settings/base.py index d66b267c9..2b889bab1 100644 --- a/csunplugged/config/settings/base.py +++ b/csunplugged/config/settings/base.py @@ -328,10 +328,5 @@ "https://canterbury.ac.nz" ] -CSRF_TRUSTED_ORIGINS = [ - "https://*.localhost", - "https://*.canterbury.ac.nz" -] - # Used by speaker notes for at a distance slides X_FRAME_OPTIONS = "SAMEORIGIN" diff --git a/csunplugged/config/settings/local.py b/csunplugged/config/settings/local.py index 2a9fad5af..67471af5e 100644 --- a/csunplugged/config/settings/local.py +++ b/csunplugged/config/settings/local.py @@ -99,3 +99,12 @@ def show_django_debug_toolbar(request): # Suppress these loggers in local development for less noise in logs logging.getLogger('gunicorn.access').handlers = [] # noqa F405 logging.getLogger('gunicorn.error').handlers = [] # noqa F405 + + +# CSRF +# ------------------------------------------------------------------------------ +CSRF_TRUSTED_ORIGINS = [ + "https://www.csunplugged.org", + "https://cs-unplugged-dev.csse.canterbury.ac.nz", + "https://cs-unplugged.localhost", +] diff --git a/csunplugged/config/settings/production.py b/csunplugged/config/settings/production.py index 60162f74b..2ccb3d104 100644 --- a/csunplugged/config/settings/production.py +++ b/csunplugged/config/settings/production.py @@ -71,3 +71,9 @@ # SECURE_SSL_REDIRECT = env.bool("DJANGO_SECURE_SSL_REDIRECT", default=True) # noqa: F405 # CSRF_COOKIE_SECURE = True # CSRF_COOKIE_HTTPONLY = True + +# CSRF +# ------------------------------------------------------------------------------ +CSRF_TRUSTED_ORIGINS = [ + "https://www.csunplugged.org", +] diff --git a/csunplugged/config/settings/testing.py b/csunplugged/config/settings/testing.py index 9559f4098..33b683c15 100644 --- a/csunplugged/config/settings/testing.py +++ b/csunplugged/config/settings/testing.py @@ -80,3 +80,11 @@ ("de", "German"), ("fr", "French"), ) + +# CSRF +# ------------------------------------------------------------------------------ +CSRF_TRUSTED_ORIGINS = [ + "https://www.csunplugged.org", + "https://cs-unplugged-dev.csse.canterbury.ac.nz", + "https://cs-unplugged.localhost", +] From 4c0afde6ae5af2f1912158825de7756e8842e71f Mon Sep 17 00:00:00 2001 From: jhn27 Date: Fri, 19 Apr 2024 14:35:17 +1200 Subject: [PATCH 2/2] Update changelog --- csunplugged/config/__init__.py | 2 +- docs/changelog.rst | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/csunplugged/config/__init__.py b/csunplugged/config/__init__.py index 818809c32..6596db021 100644 --- a/csunplugged/config/__init__.py +++ b/csunplugged/config/__init__.py @@ -1,3 +1,3 @@ """Module for Django system configuration.""" -__version__ = "7.4.0" +__version__ = "7.4.1" diff --git a/docs/changelog.rst b/docs/changelog.rst index db91bfa6d..e98ade221 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -23,6 +23,15 @@ All notable changes to this project will be documented in this file. fit the Semantic Versioning model. However these version numbers can still provide a good indication of the changes in each version. +7.2.1 +============================================================================== + +**Release date:** 19 April 2024 + +**Changelog:** + +- Fix jobe access issue breaking Plugging it in test code button. + 7.4.0 ==============================================================================