From ce6183c4be7d7ec539bc382ad9e580c18f208a43 Mon Sep 17 00:00:00 2001
From: Edward J <edw@defang.io>
Date: Mon, 9 Sep 2024 11:41:10 -0700
Subject: [PATCH] Update CSRF to allow all defang.dev domain

---
 samples/django-postgres/app/crm_platform/settings.py | 2 +-
 samples/django/app/defang_sample/settings.py         | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/samples/django-postgres/app/crm_platform/settings.py b/samples/django-postgres/app/crm_platform/settings.py
index 9bcd75b7..f77826ac 100644
--- a/samples/django-postgres/app/crm_platform/settings.py
+++ b/samples/django-postgres/app/crm_platform/settings.py
@@ -29,7 +29,7 @@
 ALLOWED_HOSTS = ['*']
 
 CSRF_TRUSTED_ORIGINS = [
-    'https://*.prod1.defang.dev',
+    'https://*.defang.dev',
     'http://localhost:8000',
 ]
 
diff --git a/samples/django/app/defang_sample/settings.py b/samples/django/app/defang_sample/settings.py
index a4f1b834..047c34f4 100644
--- a/samples/django/app/defang_sample/settings.py
+++ b/samples/django/app/defang_sample/settings.py
@@ -131,10 +131,10 @@
 
 # CSRF
 CSRF_TRUSTED_ORIGINS = [
-    'https://*.prod1.defang.dev'
+    'https://*.defang.dev'
 ]
 
 if DEBUG:
     CSRF_TRUSTED_ORIGINS = [
         'http://localhost:8000',
-    ]
\ No newline at end of file
+    ]