From 88217c3af768b9f4af6d46ffc575f00e9bac0ce4 Mon Sep 17 00:00:00 2001
From: Amir Tadrisi <amirtds@gmail.com>
Date: Sat, 27 Jan 2024 17:08:17 -0500
Subject: [PATCH] Limit ALLOWED HOSTS for CMS

---
 cms/envs/production.py | 6 +++---
 lms/envs/production.py | 1 +
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/cms/envs/production.py b/cms/envs/production.py
index 36916f1e6a7..591da7658cd 100644
--- a/cms/envs/production.py
+++ b/cms/envs/production.py
@@ -192,9 +192,9 @@ def get_env_setting(setting):
 SITE_NAME = ENV_TOKENS['SITE_NAME']
 
 ALLOWED_HOSTS = [
-    # TODO: bbeggs remove this before prod, temp fix to get load testing running
-    "*",
-    CMS_BASE,
+    ENV_TOKENS.get('LMS_BASE', ''),
+    ENV_TOKENS.get('CMS_BASE', ''),
+    FEATURES.get('PREVIEW_LMS_BASE', '')
 ]
 
 LOG_DIR = ENV_TOKENS['LOG_DIR']
diff --git a/lms/envs/production.py b/lms/envs/production.py
index 9bd2e51c118..fb77cbb36be 100644
--- a/lms/envs/production.py
+++ b/lms/envs/production.py
@@ -212,6 +212,7 @@ def get_env_setting(setting):
 
 ALLOWED_HOSTS = [
     ENV_TOKENS.get('LMS_BASE', ''),
+    ENV_TOKENS.get('CMS_BASE', ''),
     FEATURES.get('PREVIEW_LMS_BASE', '')
 ]