21 lines
657 B
Python
21 lines
657 B
Python
|
from django.conf import settings
|
||
|
|
||
|
from .. import Error, Tags, register
|
||
|
|
||
|
|
||
|
@register(Tags.compatibility)
|
||
|
def check_csrf_trusted_origins(app_configs, **kwargs):
|
||
|
errors = []
|
||
|
for origin in settings.CSRF_TRUSTED_ORIGINS:
|
||
|
if "://" not in origin:
|
||
|
errors.append(
|
||
|
Error(
|
||
|
"As of Django 4.0, the values in the CSRF_TRUSTED_ORIGINS "
|
||
|
"setting must start with a scheme (usually http:// or "
|
||
|
"https://) but found %s. See the release notes for details."
|
||
|
% origin,
|
||
|
id="4_0.E001",
|
||
|
)
|
||
|
)
|
||
|
return errors
|