CSRF_TRUSTED_ORIGINS for Django settings is read from environment variable.

Author: jirikadlec2

docker/docker-compose.eea.yml

@@ -12,7 +12,7 @@ services:
     networks:
       - qc_tool_network
   frontend:
-    image: eeacms/copernicus-qctool-frontend:2.3.3
+    image: eeacms/copernicus-qctool-frontend:2.3.4rc1
     ports:
       - 8000:8000
     environment:
@@ -35,6 +35,8 @@ services:
       - REFRESH_JOB_STATUSES_BACKGROUND=yes
       - REFRESH_JOB_STATUSES_BACKGROUND_INTERVAL=60
       - MAINTENANCE_MODE=no
+      - CASE_INSENSITIVE_USERNAMES=yes
+      - CSRF_TRUSTED_ORIGINS="https://qc-copernicus.eea.europa.eu,http://localhost,http://127.0.0.1"
     networks:
       - qc_tool_network
     volumes:
@@ -45,7 +47,7 @@ services:
       - qc_tool_frontend:/mnt/qc_tool_frontend
 
   worker:
-    image: eeacms/copernicus-qctool-worker:2.3.3
+    image: eeacms/copernicus-qctool-worker:2.3.4rc1
     shm_size: 1gb
     environment:
       - PRODUCT_DIRS

docker/docker-compose.jiri.yml

@@ -19,6 +19,7 @@ services:
       - SUBMISSION_DIR=/mnt/qc_tool_submission/submission
       - FRONTEND_DB_PATH=/mnt/qc_tool_work/frontend.sqlite3
       - CASE_INSENSITIVE_USERNAMES=yes
+      - CSRF_TRUSTED_ORIGINS="https://qc-copernicus.eea.europa.eu,http://localhost,http://127.0.0.1"
     networks:
       - qc_tool_network
     volumes:

docker/docker-compose.jtom.yml

@@ -17,6 +17,7 @@ services:
       - WORK_DIR=/mnt/qc_tool_work
       - SUBMISSION_DIR=/mnt/qc_tool_submission/submission
       - FRONTEND_DB_PATH=/mnt/qc_tool_work/frontend.sqlite3
+      - CSRF_TRUSTED_ORIGINS="https://qc-copernicus.eea.europa.eu,http://localhost,http://127.0.0.1"
     networks:
       - qc_tool_network
     volumes:

docker/docker-compose.jtomh.yml

@@ -16,6 +16,7 @@ services:
       - WORK_DIR=/mnt/qc_tool_work
       - SUBMISSION_DIR=/mnt/qc_tool_submission/submission
       - FRONTEND_DB_PATH=/mnt/qc_tool_work/frontend.sqlite3
+      - CSRF_TRUSTED_ORIGINS="https://qc-copernicus.eea.europa.eu,http://localhost,http://127.0.0.1"
     networks:
       - qc_tool_network
     volumes:

docker/docker-compose.postgres_userdb.yml

@@ -38,6 +38,7 @@ services:
       - POSTGRES_USER=qc_user
       - POSTGRES_PASSWORD=qc_password
       - FRONTEND_DB_PATH=/mnt/qc_tool_work/frontend.sqlite3
+      - CSRF_TRUSTED_ORIGINS="https://qc-copernicus.eea.europa.eu,http://localhost,http://127.0.0.1"
     networks:
       - qc_tool_network
     volumes:

docker/docker-compose.service_provider.yml

@@ -1,6 +1,6 @@
 services:
   frontend:
-    image: eeacms/copernicus-qctool-frontend:2.3.3
+    image: eeacms/copernicus-qctool-frontend:2.3.4rc1
     ports:
       - 8000:8000
     environment:
@@ -15,13 +15,14 @@ services:
       - WORKER_ALIVE_TIMEOUT=5
       - REFRESH_JOB_STATUSES_BACKGROUND=yes
       - REFRESH_JOB_STATUSES_BACKGROUND_INTERVAL=60
+      - CSRF_TRUSTED_ORIGINS="https://qc-copernicus.eea.europa.eu,http://localhost,http://127.0.0.1"
     networks:
       - qc_tool_network
     volumes:
       - qc_tool_volume:/mnt/qc_tool_volume
 
   worker:
-    image: eeacms/copernicus-qctool-worker:2.3.3
+    image: eeacms/copernicus-qctool-worker:2.3.4rc1
     shm_size: 1gb
     environment:
       - PRODUCT_DIRS

src/qc_tool/frontend/settings.py

@@ -32,7 +32,13 @@
 
 ALLOWED_HOSTS = ['*']
 
-CSRF_TRUSTED_ORIGINS = ['https://qc-copernicus.eea.europa.eu', 'http://localhost', 'http://127.0.0.1']
+# CSRF_TRUSTED_ORIGINS = ['https://qc-copernicus.eea.europa.eu', 'http://localhost', 'http://127.0.0.1']
+# CSRF_TRUSTED_ORIGINS from environment variable.
+# Get the string from environment, default to empty string if not found
+# Split by comma and filter out any empty strings
+env_origins = os.getenv('CSRF_TRUSTED_ORIGINS', '')
+
+CSRF_TRUSTED_ORIGINS = [origin.strip() for origin in env_origins.split(',') if origin.strip()]
 
 DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"