ATTUNE-HEART-THERAPY/alternative-backend-service
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

config: add CSRF trusted origins for production domains #37

Merged
Saani merged 1 commits from feature/meetings into main 2025-11-25 18:28:53 +00:00
Conversation 0 Commits 1 Files Changed 1 +5
Saani commented 2025-11-25 18:28:47 +00:00
Owner
Copy Link

Add CSRF_TRUSTED_ORIGINS setting to whitelist the production domains
(attunehearttherapy.com and its api subdomain) for CSRF verification.
This ensures secure cross-origin POST requests from the frontend.

Also add documentation comment for CORS configuration section.

Add CSRF_TRUSTED_ORIGINS setting to whitelist the production domains (attunehearttherapy.com and its api subdomain) for CSRF verification. This ensures secure cross-origin POST requests from the frontend. Also add documentation comment for CORS configuration section.
Saani added 1 commit 2025-11-25 18:28:48 +00:00 
Add CSRF_TRUSTED_ORIGINS setting to whitelist the production domains
(attunehearttherapy.com and its api subdomain) for CSRF verification.
This ensures secure cross-origin POST requests from the frontend.

Also add documentation comment for CORS configuration section.
Saani merged commit 1a84b8eb99 into main 2025-11-25 18:28:53 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: ATTUNE-HEART-THERAPY/alternative-backend-service#37
No description provided.
Delete Branch "feature/meetings"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?