Added settings needed for reverse proxy setup

Adding DJANGO_CSRF_TRUSTED_ORIGINS setting

Adding DJANGO_USE_X_FORWARDED_PORT

Adding CSRF_COOKIE_DOMAIN setting

Fixing USE_X_FORWARDED_HOST

config/settings/base.py

@@ -35,6 +35,7 @@
 # ------------------------------------------------------------------------------
 # Hosts/domain names that are valid for this site
 ALLOWED_HOSTS = env.list('DJANGO_ALLOWED_HOSTS', default=['*'])
+USE_X_FORWARDED_HOST = env.bool('DJANGO_USE_X_FORWARDED_HOST', default=False)
 
 # APP CONFIGURATION
 # ------------------------------------------------------------------------------

config/settings/production.py

@@ -43,6 +43,8 @@
 )
 CSRF_COOKIE_SECURE = True
 CSRF_COOKIE_HTTPONLY = True
+CSRF_TRUSTED_ORIGINS = env.list('DJANGO_CSRF_TRUSTED_ORIGINS', default=[])
+CSRF_COOKIE_DOMAIN = env.str('DJANGO_CSRF_COOKIE_DOMAIN', default=None)
 X_FRAME_OPTIONS = 'DENY'
 
 INSTALLED_APPS += ['gunicorn']