Hi Claudy, The Open edX forums have moved to https://discuss.openedx.org, so you will have a better shot at getting an answer if you re-post your questions there.
Cheers, Tim On Monday, August 9, 2021 at 5:17:05 PM UTC+2 Claudy Focan wrote: > Hello Guys, > > for my projects, i need to be able to use login_ajax from other subdomains > which are not manage by django, > > so for sure will gonna have issue with the CSRF token, but i were thinking > by adding my others subdomains into CSRF_TRUSTED_ORIGINS but unfortunatly > is not working, i still get 403 for now this only stuff i found is > adding @csrf_exempt to the method login_user but is not very safe, do you > have any idea to improve the security for this specific issue ? > > Best > -- ***Please note! This Google Group has been deprecated - visit https://discuss.openedx.org/ --- You received this message because you are subscribed to the Google Groups "General Open edX discussion" group. To unsubscribe from this group and stop receiving emails from it, send an email to edx-code+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/edx-code/158e5add-a767-4a59-9cd3-dd1569c3b045n%40googlegroups.com.
