From af845e349009001c92665acf81d842e409c6c6ae Mon Sep 17 00:00:00 2001
From: Ben Roberts <me@benroberts.net>
Date: Tue, 16 Jun 2026 01:54:17 +0100
Subject: [PATCH] Add CSRF_TRUSTED_ORIGINS env var support (#9)

---
 .env.example           | 1 +
 standalone/settings.py | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/.env.example b/.env.example
index 11637fd..1a3145a 100644
--- a/.env.example
+++ b/.env.example
@@ -20,3 +20,4 @@ BAMBU_PASSWORD=your_password
 # DEBUG=True
 # DJANGO_SECRET_KEY=change-me-to-a-random-string
 # ALLOWED_HOSTS=localhost,127.0.0.1
+# CSRF_TRUSTED_ORIGINS="https://bambu-run.example.com,http://bambu-run.example.com"
diff --git a/standalone/settings.py b/standalone/settings.py
index 4c2aac0..8f8c1e0 100644
--- a/standalone/settings.py
+++ b/standalone/settings.py
@@ -111,6 +111,8 @@ PRINTER_IP = os.environ.get("PRINTER_IP", "")
 ACCESS_TOKEN = os.environ.get("ACCESS_TOKEN", "")
 PRINTER_SERIAL = os.environ.get("PRINTER_SERIAL", "")
 
+CSRF_TRUSTED_ORIGINS = os.environ.get("CSRF_TRUSTED_ORIGINS", "").split(",")
+
 # Logging
 LOGGING = {
     "version": 1,