From 983001261aac4c0816db9f2a619f238868774c2b Mon Sep 17 00:00:00 2001
From: Hesbon Kiptoo
Date: Mon, 27 Jan 2025 19:46:30 +0300
Subject: [PATCH] feat(settings.py): add CSRF_TRUSTED_ORIGINS setting to enhance security

This change allows the application to specify trusted origins for CSRF protection, improving the overall security of the application.
---
 .../{{cookiecutter.project_slug}}/settings.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/{{cookiecutter.project_slug}}/{{cookiecutter.project_slug}}/settings.py b/{{cookiecutter.project_slug}}/{{cookiecutter.project_slug}}/settings.py
index ea93f3ae..969e60fc 100644
--- a/{{cookiecutter.project_slug}}/{{cookiecutter.project_slug}}/settings.py
+++ b/{{cookiecutter.project_slug}}/{{cookiecutter.project_slug}}/settings.py
@@ -68,6 +68,8 @@ ALLOWED_HOSTS = env.list("HOST", default=["*"])
 SITE_ID = 1
+CSRF_TRUSTED_ORIGINS = env.list("CSRF_TRUSTED_ORIGINS", default=[])
+
 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
 SECURE_SSL_REDIRECT = env.bool("SECURE_REDIRECT", default=False)
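Review bot: The added `CSRF_TRUSTED_ORIGINS` line has no comment saying what may go into the variable, and every entry relaxes Django's origin check for unsafe requests rather than tightening it. If the template targets Django 4.0 or later, each value must carry its scheme (a constructed example: `https://app.example.com`), and a wildcard such as `https://*.example.com` trusts every subdomain, so a single compromised or dangling subdomain could submit state-changing requests. I would put a comment above the setting, for example `# Comma-separated full origins incl. scheme; list only hosts you control and avoid wildcards.` The empty default is the right choice and should stay. The settings block continues outside the hunk.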