Update .env.template

Add option for CSRF_TRUSTED_ORIGINS for better discoverability. Add options for newly added CORS_ALLOW_ALL_ORIGINS for discoverability as well as flexibility.
2023-09-08 12:31:46 -07:00 · 2023-09-08 12:31:46 -07:00 · 9b6ed7a63a
commit 9b6ed7a63a
parent e2f8efb521
1 changed files with 8 additions and 0 deletions
--- a/.env.template
+++ b/.env.template
@ -13,6 +13,14 @@ DEBUG_TOOLBAR=0
 # hosts the application can run under e.g. recipes.mydomain.com,cooking.mydomain.com,...
 ALLOWED_HOSTS=*

+# Cross Site Request Forgery protection
+# (https://docs.djangoproject.com/en/4.2/ref/settings/#std-setting-CSRF_TRUSTED_ORIGINS)
+# CSRF_TRUSTED_ORIGINS = []
+
+# Cross Origin Resource Sharing
+# (https://github.com/adamchainz/django-cors-header)
+# CORS_ALLOW_ALL_ORIGINS = True
+
 # random secret key, use for example `base64 /dev/urandom | head -c50` to generate one
 # ---------------------------- REQUIRED -------------------------
 SECRET_KEY=