Hello Guys, for my projects, i need to be able to use login_ajax from other subdomains which are not manage by django,
so for sure will gonna have issue with the CSRF token, but i were thinking by adding my others subdomains into CSRF_TRUSTED_ORIGINS but unfortunatly is not working, i still get 403 for now this only stuff i found is adding @csrf_exempt to the method login_user but is not very safe, do you have any idea to improve the security for this specific issue ? Best -- ***Please note! This Google Group has been deprecated - visit https://discuss.openedx.org/ --- You received this message because you are subscribed to the Google Groups "General Open edX discussion" group. To unsubscribe from this group and stop receiving emails from it, send an email to edx-code+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/edx-code/05d0f0a1-cb66-4740-9b06-8e72dd0cbed5n%40googlegroups.com.
