From f53a20f0d9e5c101aa96da409c9f07759188b29e Mon Sep 17 00:00:00 2001
From: Muhammad Farhan <muhammad.farhan@arbisoft.com>
Date: Tue, 22 Oct 2024 11:23:54 +0500
Subject: [PATCH] chore: Remove CSRF_TRUSTED_ORIGINS_WITH_SCHEMES variable

---
 cms/envs/common.py     | 1 -
 cms/envs/production.py | 6 ------
 lms/envs/common.py     | 1 -
 lms/envs/production.py | 4 ----
 lms/envs/test.py       | 8 +-------
 5 files changed, 1 insertion(+), 19 deletions(-)

diff --git a/cms/envs/common.py b/cms/envs/common.py
index 3942c9d68be2..dcdce9204212 100644
--- a/cms/envs/common.py
+++ b/cms/envs/common.py
@@ -866,7 +866,6 @@
 CROSS_DOMAIN_CSRF_COOKIE_DOMAIN = ''
 CROSS_DOMAIN_CSRF_COOKIE_NAME = ''
 CSRF_TRUSTED_ORIGINS = []
-CSRF_TRUSTED_ORIGINS_WITH_SCHEME = []
 
 #################### CAPA External Code Evaluation #############################
 XQUEUE_WAITTIME_BETWEEN_REQUESTS = 5  # seconds
diff --git a/cms/envs/production.py b/cms/envs/production.py
index ad7667772f9a..627f82fcaec2 100644
--- a/cms/envs/production.py
+++ b/cms/envs/production.py
@@ -13,7 +13,6 @@
 import warnings
 import yaml
 
-import django
 from django.core.exceptions import ImproperlyConfigured
 from django.urls import reverse_lazy
 from edx_django_utils.plugins import add_plugins
@@ -239,11 +238,6 @@ def get_env_setting(setting):
 # by end users.
 CSRF_COOKIE_SECURE = ENV_TOKENS.get('CSRF_COOKIE_SECURE', False)
 
-# values are already updated above with default CSRF_TRUSTED_ORIGINS values but in
-# case of new django version these values will override.
-if django.VERSION[0] >= 4:  # for greater than django 3.2 use schemes.
-    CSRF_TRUSTED_ORIGINS = ENV_TOKENS.get('CSRF_TRUSTED_ORIGINS_WITH_SCHEME', [])
-
 #Email overrides
 MKTG_URL_LINK_MAP.update(ENV_TOKENS.get('MKTG_URL_LINK_MAP', {}))
 MKTG_URL_OVERRIDES.update(ENV_TOKENS.get('MKTG_URL_OVERRIDES', MKTG_URL_OVERRIDES))
diff --git a/lms/envs/common.py b/lms/envs/common.py
index b59d60c751f2..bb363384523b 100644
--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -3397,7 +3397,6 @@ def _make_locale_paths(settings):  # pylint: disable=missing-function-docstring
 # end users
 CSRF_COOKIE_SECURE = False
 CSRF_TRUSTED_ORIGINS = []
-CSRF_TRUSTED_ORIGINS_WITH_SCHEME = []
 CROSS_DOMAIN_CSRF_COOKIE_DOMAIN = ''
 CROSS_DOMAIN_CSRF_COOKIE_NAME = ''
 
diff --git a/lms/envs/production.py b/lms/envs/production.py
index 6dc6be634178..f955055b1ed2 100644
--- a/lms/envs/production.py
+++ b/lms/envs/production.py
@@ -368,10 +368,6 @@ def get_env_setting(setting):
 
 # Determines which origins are trusted for unsafe requests eg. POST requests.
 CSRF_TRUSTED_ORIGINS = ENV_TOKENS.get('CSRF_TRUSTED_ORIGINS', [])
-# values are already updated above with default CSRF_TRUSTED_ORIGINS values but in
-# case of new django version these values will override.
-if django.VERSION[0] >= 4:  # for greater than django 3.2 use schemes.
-    CSRF_TRUSTED_ORIGINS = ENV_TOKENS.get('CSRF_TRUSTED_ORIGINS_WITH_SCHEME', [])
 
 ############# CORS headers for cross-domain requests #################
 
diff --git a/lms/envs/test.py b/lms/envs/test.py
index a9e8aaf9f2e2..844e2f31afe6 100644
--- a/lms/envs/test.py
+++ b/lms/envs/test.py
@@ -650,10 +650,4 @@
 SURVEY_REPORT_ENABLE = True
 ANONYMOUS_SURVEY_REPORT = False
 
-CSRF_TRUSTED_ORIGINS = ['.example.com']
-CSRF_TRUSTED_ORIGINS_WITH_SCHEME = ['https://*.example.com']
-
-# values are already updated above with default CSRF_TRUSTED_ORIGINS values but in
-# case of new django version these values will override.
-if django.VERSION[0] >= 4:  # for greater than django 3.2 use with schemes.
-    CSRF_TRUSTED_ORIGINS = CSRF_TRUSTED_ORIGINS_WITH_SCHEME
+CSRF_TRUSTED_ORIGINS = ['https://*.example.com']