From 17c41815b4a3242bd99f34c9ee5ebb858e4c749a Mon Sep 17 00:00:00 2001
From: Reinaldy Rafli <aldy505@proton.me>
Date: Wed, 7 Feb 2024 00:18:53 +0700
Subject: [PATCH] feat: provide csrf settings information for sentry config
 (#2762)

* feat: provide csrf settings information for sentry config

* chore: trim trailing whitespace
---
 sentry/sentry.conf.example.py | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/sentry/sentry.conf.example.py b/sentry/sentry.conf.example.py
index 85cd586be2..712239b2f4 100644
--- a/sentry/sentry.conf.example.py
+++ b/sentry/sentry.conf.example.py
@@ -330,3 +330,14 @@ def get_internal_network():
 # optional extra permissions
 # https://django-csp.readthedocs.io/en/latest/configuration.html
 # CSP_SCRIPT_SRC += ["example.com"]
+
+#################
+# CSRF Settings #
+#################
+
+# Since version 24.1.0, Sentry migrated to Django 4 which contains stricter CSRF protection.
+# If you are accessing Sentry from multiple domains behind a reverse proxy, you should set
+# this to match your IPs/domains. Ports should be included if you are using custom ports.
+# https://docs.djangoproject.com/en/4.2/ref/settings/#std-setting-CSRF_TRUSTED_ORIGINS
+
+# CSRF_TRUSTED_ORIGINS = ["example.com", "127.0.0.1:9000"]