From e66c54b5e621df4b2d159df700814af89ae9d068 Mon Sep 17 00:00:00 2001
From: Alexandre <44178713+alexbelgium@users.noreply.github.com>
Date: Wed, 6 Mar 2024 14:02:20 +0100
Subject: [PATCH] Update Dockerfile

---
 codex/Dockerfile | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/codex/Dockerfile b/codex/Dockerfile
index 26cf3e765..7b408efee 100644
--- a/codex/Dockerfile
+++ b/codex/Dockerfile
@@ -27,6 +27,12 @@ ENV S6_CMD_WAIT_FOR_SERVICES=1 \
     S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \
     S6_SERVICES_GRACETIME=0
 
+# Avoid CSRF
+RUN grep -irl 'SECURE_CROSS_ORIGIN_OPENER_POLICY' /usr | xargs sed -i 's/same-origin/origin/g' && \
+    find /usr -name settings.py | xargs sed -i "/CsrfViewMiddleware/d" && \
+    sed -i "/SECURE_CROSS_ORIGIN_OPENER_POLICY/d" /usr/local/lib/python*/site-packages/django/conf/global_settings.py && \
+    sed -i "/SECURE_REFERER/d" /usr/local/lib/python*/site-packages/django/conf/global_settings.py
+
 ##################
 # 3 Install apps #
 ##################