Adding argument to test with DEBUG=False but locally with STAGE=True …

…to prevent SSL issues.
pharmbio · Dec 12, 2024 · 4b18f24 · 4b18f24
1 parent 8388390
commit 4b18f24
Showing 1 changed file with 13 additions and 9 deletions.
diff --git a/ptp/ptp/settings.py b/ptp/ptp/settings.py
@@ -18,8 +18,9 @@
 
 ALLOWED_HOSTS = ['*', 'localhost']
 
-CSRF_TRUSTED_ORIGINS=['https://ptp-inference.serve.scilifelab.se']
-
+CSRF_TRUSTED_ORIGINS=['http://localhost:8000']
+if os.environ.get('CSRF_TRUSTED_ORIGINS', False):
+    CSRF_TRUSTED_ORIGINS = os.environ.get('CSRF_TRUSTED_ORIGINS').split(',')
 
 
 
@@ -44,7 +45,7 @@
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
-    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    #'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
 
 ROOT_URLCONF = 'ptp.urls'
@@ -153,9 +154,12 @@
 
 SITE_URL = os.environ.get('EMAIL_DOMAIN','https://yourdomain.com')
 
-# Security settings
-SECURE_BROWSER_XSS_FILTER = True
-X_FRAME_OPTIONS = 'DENY'
-SECURE_SSL_REDIRECT = not DEBUG
-CSRF_COOKIE_SECURE = not DEBUG
-SESSION_COOKIE_SECURE = not DEBUG
+STAGE_ENV = os.environ.get('STAGE', False)
+
+if not STAGE_ENV:
+    # Security settings
+    SECURE_BROWSER_XSS_FILTER = True
+    X_FRAME_OPTIONS = 'DENY'
+    SECURE_SSL_REDIRECT = not DEBUG
+    CSRF_COOKIE_SECURE = not DEBUG
+    SESSION_COOKIE_SECURE = not DEBUG