From 7470c2d3d0097d4717f68863c1f69162a256df08 Mon Sep 17 00:00:00 2001
From: root <root@nyx.js-devop.de>
Date: Mon, 11 Aug 2025 12:57:08 +0200
Subject: [PATCH] fix CSRF

---
 data/db.sqlite3         | Bin 0 -> 172032 bytes
 docker-compose.yml      |  11 ++++++-----
 subscribarr/settings.py |  15 +++++++++++++++
 3 files changed, 21 insertions(+), 5 deletions(-)
 create mode 100644 data/db.sqlite3

diff --git a/data/db.sqlite3 b/data/db.sqlite3
new file mode 100644
index 0000000000000000000000000000000000000000..2f95468efb51120e6375e82aeaa4ef34f49f4a2d
GIT binary patch
literal 172032
zcmeI5e{36Be%Lu8C5p1Bv3J+z?%H0DX#2c6S=7vs!yj7gX=zz&)0Sjgve&CU>=DD6
zAvw};hMpNpq7R3zoZVdSf;4SXw78;0f#T8zZBQV8qyZY-HSMA44-`#uK!XHn(q#YW
zCBYq#1VP#&SD@ebX84<u<y{w8-F=DOG5Oy2ec$){dEfVa^Gh=u_f~XQ<I0v@lU*(u
zI2mA=z*`&_2m}=P|MT#F>m$OKQ0oW$%XED|=&KS)D9k9-j<A14WUjD(?R`0@0hS{H
zB!C2v01`j~NB{{S0VIF~kN^@u0?&~^Y#NlEJ{^VanTeSI`ybe^uq*7y)VHR-Je7(5
zW%Qp#i_tTazcu+YlgpDQPyEt}ubg=6#EFUDnrMPBevkkXKmter2_OL^fCPT@39OwN
z4P3dGcQn`4&5Bc(P0iqWK3S9vSF?+9z22%S)@0o%I-1h3HIWykIX*il@SKodkkSjH
zkVr`)pGv)R8uZBn`otbhTbf}s%eo1LdU0E87G+Z{)~tTLBEP`r5?NlzNy+R>p!f2C
zUZJR)x~t1ZuSH(VOfH#|a>*A*1LsLg$I&g*0p|{Hl+E&~^cydX2F_;kvP}@^&_)E$
zP1m$sy{s#;3z~-Zm`SC@q<9J%U+!vrc!yFpmF3?*305}qvZ7cG(<N4l#fAeT&}Icc
zcHnn!p=)hxfbkG~nPe`L%qCe1p-cVYHi=SFkZw+m22MZB%MG^*&|nB@NKgaHy6w0{
zQ?6+c7JEfQGb?U&C=ouF<dbhjLDP+vCZX7<tFo&V>$bJmEY>x<rh9`kT!SbH*`-O)
zu-ekV`?geUt5H9S8R=XqnaSKZ0ZJbDO88v2Lxy}bf702skdfY=07V-uMcHme1kVw;
zq%+whFWruSp7&dNGQOT2+0cQHWjjS#Rg0Q!TXwMq@hev}XBeV%hR>za`EgKIXemn<
zZS7G*x3!{TnJ&bx+pKF&kp$LI73pL~6t9Ir#qE{~soO6K$gnCfYt4o+biSpfOj^pm
zH3m9bW6h_!b+p-7b$7TUshpS*mPSECYpmO;h{l~plhENImrjYPv~V*7N?O4SlgSI-
zPOKd%YLY2I66b@U38pih28Sn)w3rt7+|7~Ez~vkHZtiqG+gi=qX^%&d3<$Mi=y>p1
zF`LW4MfS^=`!yXpb){S`mC8oh?*_)%><Ig-?9Z`(!u}%LV1Ju^z-E8+7c}$`2_OL^
zfCP{L5<mh-00|%gB!C2vz|#qw9S^=4@z44Vobh`t9LzJFN?V6hGL4d>*m|9u5DcFi
z4K7Anr%UOX)b6vMv5{bsQMY8XVzo}m&{F`BXec;6PR=eA>FKP~OmMy>SJNvtJ=y4-
z0oy~T#)4Ov);T<SCUE4%U~rb9jXS3{E(HP;ARb}k0XEM5Eq0x?*gs%@!2Vk}50H8~
z1C&4lNB{{S0VIF~kN^@u0!RP}AOR%sqeI|S==|ySu{622AaXu*<s#E__}+E*)A+g2
z*}2xifB&sO;nzZEg-&JviGi{6p|kU?YPbae&Kq={HW+;=bp9;#>)iq4{~J0Nx_pu8
zzJs9advGdrIz|ur=?R087ec3}Bjg-F=M(@r{=YQ&F9UGY|J&@pVgEV%57@7=E~~Js
zY>GY0hNk{v>i4Jq<J2!tePinJ)EB3|Ff~2JME@xIo#-z_zaBNBccTl@>FD_6pHF@~
z`J0p921WQm0!RP}AOR$R1dsp{Kmter2|O19Y>2tQMBun+mtNGobSlJLWFo3&Xz)h@
z<k;+@SE5wm>Zw-}p9(SOnFzT*o(N2z2{CibI91Vg)W*FWVgzQ~*VI*U!K?5Uc2&G~
zI>gK}<3w*)>G`uECc}iO`u>BzbLT_M8%)^mqrdj7SL=7wU;FB-Ax2`tq__U6S7^gA
zzsvqZ%9k&Mm_=r+-D!V)%&TvA+h2d?T!_grV_wJom8WUtDD8USaP_6vLd=`YsNeHI
z^^0D$-|;~83l!ui>35*+)C(czG86JWria5PUkWiZOsMT9Eo8mIwr{j>ibhDtbBLBi
zX-EXAx~_xgNjmaDUu9Rt39rIe+f^|^Ln262ca=s?hL~w)gsP{9;p5c&5nnMa3VTJq
zN?J5VV||1uqrc(kKQhZuEuEwH(3wyK?g8-Pzf&Bf#lE&qF&zI#X6Q`ll###xkFe7L
z_WSJbv%kjv3-+g3lfB0#p$I=n00|%gB!C2v01`j~NB{{S0VIF~etZa=jD!N`Pq*%+
zC#R6kjfVnPE*^CK|7<uEI6LRx{NI1B=KL5`3hm1N^C{;>p?co09ysmsVhAib+jsr{
zY%mnKe6j0vgVXgrIuZ(;j*$!g^c2Di4E&t#z5Y**|3{{z0DA^D_(1|l00|%gB!C2v
z01`j~NB{{S0VL2(VE;=arvk<N_~~eLJd#gF#}`*ur`3ne`wzwScT`E+xVDkj?kqnl
zIPV$P?!Q~RW;M#qJ3H&5y?0}+{SZ5W6Zi#5T1ZKWw3tgtysJ6x&{|$f=aQuMt=2;>
z6NaV8M%8ue3-j|rPD}{tY(hu~e0m|v=hC@sSx716v?jtM{&E>9%V(5aPLeXbmd#3h
zs;nw<R!b+PR4JDd#B^2yVOfKR_^G^_6vX`sLmix^4(6f};^0ns&9X{s>COA)hH_)o
zdHdnx<&v_kzPGzlDp<+o2kGW|`a!|&b0NLJ3yEYpnM<d)9JnUmC^ww`XBy@Rgshn1
zv$>AUTU*YYs_j_ygsL6rsZ>hw5-*hmHJwcH8MRbOm2+ZBN-0_{t7Q00SuLexUd+h3
zEYu`(sf>^+mEmcpa#@j7h1~x?!v0Bs{R`OO2MHhnB!C2v01`j~NB{{S0VIF~kN^@m
z-UP;jrx|hzWh5G$j&x2kkn8_}lgHaNv>pi{0VIF~kN^@u0!RP}AOR$R1dsp{IGg}|
z{vSIRV1LN|FSrNb2kiIQKVpB6{cr4Vu>Xnu4*M<kSJ+>Irvm&u`;Xagz#9U88lDcg
z&wd%+5@@kHJSFgb_8~ki;5NI=F0wgzYQWs#y<sg9Kmter2_OL^fCP{L5<mh-00|(0
zV?bau$S{#hbbFC*<8(Vsw&NV#UZC68==MC>l9&C#_AK4LO1H0&?byq78>8DZbbFd?
zM_;1b7wPr|x;;g<p_6pW((M%8M#(lfNw+8Hc7kprWIHlWw_&;+qubF?Fv5h$CP+3T
z!C)kU*Z+?}+@Xm`00|%gB!C2v01`j~NB{{S0VIF~J|zKi{U7iD|CA81ITAnuNB{{S
z0VIF~kN^@u0!RP}Ac4;~0X+Wyj1Lf+hXjxS5<mh-00|%gB!C2v01`j~NZ>gTz~let
z01;In0VIF~kN^@u0!RP}AOR$R1dsp{_>2=EfB%0e^7R1wyX-Hre}jF8&9W~|{n^xS
zPW}9pJGC@*Ci<7r{}TOX^n++2Iyw0plYejW{mIu({ErjgJYk(kP5hsUe>d^>C(0Aj
z#CYWUk^da|1yF<^B!C2v01`j~NB{{Sfg=()cWE@hT(}b1(Y4)T!_n*|+2qI%j{M**
zLhZ%bh^iTytF`OBpPoeAlYm!Do0X1)_mfJzIt>!%FGplmZ7YE9v~HGzy1C3a?Om?d
z9nE!hv*NUkfHJOCIDY|zg*V21WBSB>n|d0&<~8tb>ucbf*xg{}JT#b<#)+wY(!}C!
zQRy6rX7XWbxucn`X}Nk?S7cYW%(nTYg6poyorPv^EQfs`hBfpZ8EpEh*VOlBSX1An
zfu_k<psBPNCVmZTN1PjIlzW->H|Be2>zd;<N{(Xd^*$d-71v$&W(=Ax7RK6M4r|=@
zbFldtuX)?kVa?mV4m8i4hUU4YG0)p!Z9RVn8@@yvj#7_n7W~ugRC`cqO^?5Cya)~7
zyfNzgJG80q?vTbWc#VB;hc@<|9c(O}g2tKrDDib@OXBKav-nA9c6l!3kFDeM1}**l
zITmDQgiw1B+fwb3^W>&Hx%Oza<=R6;OSmY=U7QVh!_pS=#)AHwodk)wOpscoSf&fJ
z$8FZNHhI5{BZc!PKv;Mq=$qFk?wi=tV8UzQ+u7H^x3#;$OavOtN<m_9pENPLTlBSY
z5S^YGp_W%{t5I*;On=40P=9%D#5cAr;hX8njCnG?eQg=vGWz@6D9Bv6GD1vh3lL-I
zk1L_kKx8&aji_sOO>aXcMO>$7HVA_A8Q+>tIWgKdsZ%&RLWO;^I^{&zx2;onnE~M$
zf!Nn6B$C9)P6=NBKjQL?Vn_f9AOR$R1dsp{Kmter2_OL^fCP>)0do95!v5C)`#)iW
zA0&VTkN^@u0!RP}AOR$R1dsp{KmthM7!ZgBlZ>l5?ps@$VKmFSnJ_FxHb!0v<|11T
z+#}E^Hyr1!EoV;EcC30r)$sj)$6#2|L?nO&kN^@u0!RP}AOR$R1dsp{KmwnV03QE;
zN`TlL2_OL^fCP{L5<mh-00|%gB!C2vz%d|zfB%0B1_@0>0!RP}AOR$R1dsp{Kmter
z2_OL^@F@w9>;F^1Uk|XCroKBh7JcKypHBSWi93;>9p4K7-LW5xZH`?E{(A7If_F!z
z0^bbehjtd;7+U;13xo0JsSR}@fgddbAAa$4ICkX<^EVr=TrxCSQLKjPI`k>eJwL)r
z>&yB3%iR6^wUuQq-cuLnUXSZ)oYUcPuN8RW^xB>K+}eYc74GhOVKu+L$=zPw<nj;h
z-zlttmeu98`&YSmU3Q#Z%Z6q<vJHP=WWO$m*_n1*kT7J&EgDuuH{+ZtyPB)lG^!Ws
zbf@Sv;9;cX3D<G1WLZXcOHyjeHLXjx#CLRa57r9z9xQ{JvTj2khlsY!I9!BS<I3go
zpe0ZvE3Uo+rt}+0Tq<r^x~Tz!j(<Ko=vb@Cy3uh#lv2Z7DCt(5bG1FU8vyB6tr2kj
zy|(_o3mzhE?+|t^`XWyV!KgvcZ6Vj%)<8*1Mj9qVU>C{ox1@xY)J*cFvDl4iCZL<D
zw&y%DbnsYixZpGVCf};wBXEmC=ljY1Q!j>N)6>j;%?ru4R7d7SUof^sK2andGPZuC
z%<Nx!Asl;umf2sWrc+BgkHT#|TDV9aY78ifVmXybYpGJ7+=Op-VeR_zyD*1{*+<Y4
z=kBZxNE1)}#}~J{jnC|FoC?R9v&<9rNM<UQsuAalydam78A&cSO#M-xS);zu-kjl%
zX!~&0NA?6_u%#hB^W^f$aBOy#`H<-ZL<d`+x$Kb8=m>wJ_~^$xnCI4)-(Fr{URzq;
z;Nt2QJVoE?2?@W~8SXlfTc;VcuvWNV$giwy`i0BayM6APOP!q18>^xubyC92{sJ40
zRdUR}+!=lPQ0cB9bGp8hNX@1cNy&*Cr8powH6&mMgbvWyHP!=72$0U8kmND5KRX38
z42<uZVFT^_Yyozc1d&%t<=k+)qersaQ{ScRX(qQCfVErE@z{Pa$2_@s80%JpK195t
zCPk^lcc$Bbr;`WIx&he^l^&+Wo^Fop8-!tx8km1;6X94c$9$OS%)bF6h7Uw!$ZQ;F
z`iUl`r)B6~NB3;(n04ey*z5h_lbx#XG&ouxGy6Bk!Z9n!?0=aC&yb8kUR_Z%<dSB<
zD*@nf?!`>Hq$bs5iH6LO2BD$xGDPrj&0drYX+}J2+Z2Zwp=QBED2#?<$t3e6M`L41
z%OOQ$y-_hl;uD2L$G!v8r)Tx>>Y2MEV`Q1xq@MVDD~|T4p_z)-_cPezL0{$TBuQU|
zmNWaCOgJ__&peU4>D2U!P2Vx%_?~wPMtbzN){;*BC*{)FIqO+6U>pxwP@oo&8v4-v
z(;2+}|D$yzh~6LpB!C2v01`j~NB{{S0VIF~kN^@GMj#6BVw_|`0ruasU!S@;`3I5Y
z_}>oy>DV8RogU3Hq2QSlp9g_^fx@u1J!K&Ft33tB=f{UE7mh71GGCqZ&WzeNoL<uh
z-{L7BRB^8Ne9wV$pXj^~eP<}WGS`1$7S8Orx@&Y@AMHOaRJR=WpsRxxTsI_dqa3{K
zSkX*dbNb4;rJKu3x4G9}zqN5^t@uuUrEvZAxGy=w-C5^aKe)mMy#P5g1NPbQx?<VU
zisZs*_vKOV0;OVWP!4bSb-U|2mq{9R((aJ@)-}tL4wsiZmrl8!bI08m!~GF>$~Bys
z4=+rIWBEMu)k051KzDub-fa!_V9ojAF)=9kiGspYb5K<HwND8SU+S<J@kI^}6<^@!
z5!2hi3!L7vp7{C9M#%nq7s9dK0`r9Nt{im-8NKbI>ta#=)jB~)mP)BqvghuLfktQj
z0BT*T{Ukm3mx~T<O5(3`?Zdl@ck{JyY`ehh>ql|UzjL6drOLc4q=m!Xdi9yy>eqc#
zhgx?t%sdI7hf92?V4xPC#g`r+MNuwELRt~MD}9I3e8qRK?>hUTZM>m}E0~A$`mBya
z?(NYA*LW_T3&%DkW`B7I2znjP>0E*=se&M9_*Cy$dQvYRHi8E!8fL#IOX81y^Foh1
z8;(5$EAt0i*$N6tETu(3$P6>`%n^+2*K@dy?U35P^J+NeNX(Pq(@ktSR+MrIUrLJQ
zAtB^pc<Bg%<4Lx|Ww`RAc>(d!Y960~S3v#l@!4HNOOe142|TI15{?xL%!mGd+@Wc>
zH;vHg-bta(i~jr^cIV{4+Wm?4=~@Yfd(L~a153gGkDDQ$EWR9$NfPtnw719HL)yz*
zy?nj07Y?K9iG0>rw$tVjFj86Hfu|jF<YHs7)hh?yW!VE%>|uE-cjo9#dw0*q@%sM}
zQwfS80VIF~kN^@u0!RP}AOR$R1dsp{IK~9<`2QFW9-58>kN^@u0!RP}AOR$R1dsp{
zKmthMhy?KX|A?Sa3<)3sB!C2v01`j~NB{{S0VIF~kian}fXDyGc<|74B!C2v01`j~
zNB{{S0VIF~kN^@u0!Ji3-v1Xkc|>6pLjp(u2_OL^fCP{L5<mh-00|%gB!C2tB>{5$
zKN|SuK=hwXd}Ta8`XPM%?0>$t5}pi<?C#J0%#xDNN0=|&uWGh-#o^X0?rnIc{I+gZ
zxQB9+D_k)Q?wZDJS`C|9A&)Vi<{p@a<~WH&qUySJXJLL`wq1CG`L>gAtD3u`mJ*6p
zn=i?xsoBo_PHNtJJo$V|N@tVOy!W_tXFi=xWs`!E6ST6VCAR97k3aZ_g)24A^?I-B
zl`7{bRq{&nQj>FB%dSm-{J}qpPUOq*NPf<#Yo<!f1k1UauBwLC5^rj<?QpVTnc7uu
z9bWCcZE^XUY}q=eI~=&DHaXYgRNYmov^kLkjjrrApq;65HF;a(WavY-w+-4!mo=(Z
zYPbn*P21%R%i3P#ma3Yv?G?x_JTtzbYKz=$c(yTTl@r{xhRfA$&GpTNj!U51<lt51
zHUSFH=jTjtPS=Qa+Fn&|I4<=0@dy8uTLv!`T{es+w_DXru4y%{*t9h~t>0_S$u9T+
zLqH8Ld+>CZ+X5}r4~Mkkc4c_HKXuxHmsx^*B02$sZgMbI8V3W%Rdm~Mpc{*G8@5Tg
zz^EE3*Qh(Xs&T5dYc515q7$pK&fRIKjcu9x_=BGVOm$s>CfXc4?6s^ZE=S);PhT+#
zo#eN42O4a^F!<t*Rd(l`I(el!=j>`4bPnc&=!Wb%jcuK~ZGoXgb>8H3r3t*?{jyCE
zxGjTqx2>jZ$`##{;C6LGy$S=dBbOiol&WkwT*cOEFl^8wI^mB$4N$Hs+bX94^d`J%
zo(4fhb2-JZAVdir5=-E#Y;fJ-XXs_k8%HqJgmEEyNwfkt-Q4C1AAj(T8a&LDSfPPI
zZj~TU&|n3zhqCTo<#u6$LECS*@Qssocqx5_D_b^KhBqRZszbWg7QFzEPF&Mq@cf!Z
z?gorZ`$u$QNp4iCF6oa9+in$VcfDYP!8FSahpN^z61dJ)BILA2*C0)=a*Ex&O2cJa
z)9M^~KZa+_F5n?U2JvXl!Hlb4^+Ic|Y&2Y$bVQ7X$raDlZb&4KU|!8}1`s8Nc|%ds
z;KdTtUySEXy+&X5N?w{verV*&5^Y4jty?u2-Y*+}U*tt;j?c~s0w?ebQhGs1CDN&E
zI>#SSli@QTEsR1sOYYBp^<D$gS>W5NP3}6pfy0@5Q0K18HX-q>$%+@mWU`a21U07!
zQYw=v2@*+G59Mu$LhgpOWszws_XJGIBJ<Uvlg=S=Rnq7*leul#f$<`nxj7l8CwaRF
z42N8H9q^wvBDn_|*)rrO-7+B-Z^?DpB!hTUhb~piFq{N;ziPo)!uUYet~AWb9P}rb
zEJ!vKK2b?VkJ~n_T?Yn~gleTr!hjcpK#;i*l`2FD$$C|pIzr}%3j@TJb;xGW2qKLJ
zbrl>{3>k7i^saGrtKKkVo7>h^XKqgGq$<d!G)%5?t1`q4q(WD&$h-2~oTF(q&d?#b
zf{{)52J;03WRivI5I7nnI#n;1$y|YnLedZE3sM~9KoU`A1=tY%FnwW8kp$*|DGp3*
zr~rZuQ`>`_Ns_9g!OJf|3z?5qz2^A{{pvvc!0y09;0rk*@${IzZp$@!c<}O^kY127
z3!;?Bq%!F=yr$g`>%N*y^21yRf>+p|{mCmA$Xc8uY#+kt*nqF1L;5$LHFl+Rs%N21
z^L$d3m5flLvAeG6rXt%WosTf;D!1N*<q#G|nw6|F2MdG(YbUI8Fgy^WAOc1i5F`#1
zKtMz6TBO3B)6Fu(5#T0?ShFEcAv_)u=DXB~8u5XK7Yr}-X^`CLLJ}gw)_@o2?7+Y&
zR>Oq%@Hnvk=*l)IgG8oS3W<M*W=WCf=&BAjk*P$Yl0*TR3IhtZKqS{KNU`OH0kg`Z
z28$_V`UG(f@-FBBdmvJDm}_3-ke0CgI9wiHFb?6t!CP2#*aO%$VYP?Z<5q2NDJJ3L
z`Av0$500hin%ks$VJUMB(t?C)!^^mR14!ivAWl|yAhcn%1V<n<I(};GPJA>%lKg@w
zCL~dW-K5^w>D1(;pNt0~cINkIzxGCvB)+dLk$K`%StB+*Yv@4M%cMGKFDc8Cs6y5&
zWohWFLDJi9II@@XcH~-Jw_$B0Qxx)$wGE4^H{Tj0o!zz)+)Y@bVBf<}gLKqf3(CoE
z5hOX&fkn_;86dN1j(G*vV{exPW<9+6NH?0Wt4UVehh(;|$&VY51a)&qhx`RSkn~FT
z1!*MEk@I$mY_4uV6oV+q3o`7Fst__N1T~BU1Q3Zpuo;#)2)Jp_9?}Cu1>`E&IiV(R
z>yATH4#WVYQP|P*9F!q>xe&6@y~WiUup?OlgNQK@kTtNFE5KCocf&}G!rSX%E?W>@
zF3I|2kch?->_S4iB`MBJ{B(B~qLRj(?+)GJ^}dr`1_J_l&aY~P6NDYi8Hjhso7Lbg
z7-7nFXOX)D`?i48TLCn~fxT16F{YnCA^A4I9<r{(E{9d)Hsu=ZDg&B27zz`HtRIa!
zox&t<!Zh~gBrzZMcOjf%ngUJYO+%&o<nY!i@6GO2z3%ZM2pT5rTB#&->SXXKDvqo|
z?McwHOYk;?jqEfJNw6>#giJyb1Sy#wm?VBpD*fRXM_`gH?azMn<*$$gyR$(T1_)O#
zdu-?iS#2O^Db;74E|Qo{ik<0_l`?8hNTqXdj6n7hZjxz0)0?4sJAbf*ks}o^E0U=~
zR&27c(Ulgmpl)!hmZ>W;w+y4Hxik-HT(^;QD7w<$2IM)D+mK;xyb79OU%g@a``6G9
zI1Bp%kRBaJhh5|ZcUOj--5|#lP8AkWvVLmjmeqv0peY9IK3ZmiyVF`@SF8pM*s5+A
znoV~mxohywF5O$5V2vPgO~Q^&KXTkibDd?wTCf1SM|99_g&gRRX$c1luu!}3wlOjj
z{KGpE)20Qs(HU21&>ax43e2%!x1<jH5DM6R115!c@J1Stc>>9Sj9d-oC>Tv5s=d3}
zninK`p0@AV3bf9?XDbB@Vj{_lLV8Gac{Ldc@BjbopYA{lkpL1v0!RP}AOR$R1dsp{
zKmter34B@tc>Moq31WLBfCP{L5<mh-00|%gB!C2v01`j~pM3)4_<xlBodEl1>>sj!
z%>EAhzd!pnqlHKS2_OL^fCP{L5<mh-00|%gB!C2vfJY!4ii|MKm%{Ylz_&-e-?@<Y
z`)fh(_s)oS{QtcG``7GWv475fpZy*ZL;^?v2_OL^fCP{L5<mh-00|%gB!C2tDS=Qh
z!i33Ylx#v|6C|6FC^*EhzZQW1@Ph=901`j~NB{{S0VIF~kN^@u0!RP}d`1a;ff)}l
zuUwqYM=p5Jsef3wzjTv(n1^lWnUbAv^ufNl1wlxpgk&n6CfENN_KySbAAXPk5<mh-
z00|%gB!C2v01`j~NB{{Sfn!b}HWp!CnQomV=$sGmj{kocV1Ibb9Yphy01`j~NB{{S
z0VIF~kN^@u0!RP}Ac3I-g270H-2WdsVFadrFZ!=0{|<b?4-!BENB{{S0VIF~kN^@u
z0?&oOlXz%!^(Qv+Lb~#}QF)Zgsnx7y@UALuHFLRUshZw1x3(VJ3GLS2J6qSCJG)!?
zd)Kt0e#0=EWl7sGx7If0WaD~1t3OOVT3<?D<MsOHb@8#Xm(d?=l^!-$MXg{wUVf-m
z_wE?U4e4GvdGoz{8F#($u2#~7+B<g?qr81@Q_JR@mAlQkn{zkcxhLn|aWcmGMy6W0
zwt4-A{r2W9aZjk+tr)kOqFLRmZr*aF^xkeQyJqEY?A$Zn%fC}GZ&r)>mFA5#+gT7A
z#=WK7f(aem;%{4bMcyggxhLKe#ND@-Zr!R^u0L|MwUkr4_E0O_F5G*RZ(V>CB~IWM
zr1SzWB$631C+42SgA|fn-!7$+k4vV!RWox|#!Bw&rW&r4dc2e5`LcT)A?4PW7t-&%
zy<9Ihwl>R4*6jy-+XZ>aE$rUAySen<qic8fZe=&DM!kC1y?)bbLrQT%W`P$M#B3tR
zOQ~e?NqmGtlD3)|wJJYO?P#TJCA*hwZt?OXMbdU3?J8<1c`PBVY%XlQ{U|e6tBTEn
zx|v-oXxEdES8n9_2etC!HGQv<-F)}j9k+2$UM*~QLrRlKN~YnZ_n8bYK8Z6Fl5Onn
z2)6EQTWT#^er%NLkM^3Ty{)UIOevQ=mXVa*d2gY-anrn&ew5xR6!Vg?W#?D+-rd`J
zSiPHn@49t+L(ezVs<JfKbXNIZNMddwB_*<%R5q6**Z)IoEx^{;Utxci{qN5u(V-F~
zfCP{L5<mh-00|%gB!C2v01`j~Kh6X$1y`A;o%{<Cp{Jev3KF5Go%|WO7+j4!?c_%^
zaw{+yG6L+YQ%bZk`L9oWequDTK7KzE4Sy?Sgtva2hYNj20!ZNb5%}oKSHrQzMdqhQ
zUAbgvj^?_$S#j#JsToDNUT+n&{vD{8Sz2Gt-(TkL=dZ0SbMXV^;@s<TU5#_P>1q|t
z=GN}q=hhyqtZ;YN3#<9{P44#cCYOJ3|4v~IG_EeM-M<Rjz!pPuEwf0PIyKoapgq?x
z9lc^|YDdX~wZgpz%iPk<<)z!uQE$61yvgx1M4M&Gwq0!4Mx5J`ZKW#PuZuiCL+$9)
z%XPiDtu?!3B&jW9%j%&z{Q5(6)MVW#RxQUJ-UY3$TQ*d;V09cO#9Cf<3AS9MMUJL4
zY^|eQ=(tGh8}L+`POaGGou^TDoL$QX;B83#B4yjEbyug_d}Ku_68)xJ>$X7Zm_Q^n
z($R1Qjk+qknp%{>ee%uKYg&7pVUV^o!)TUu6N2-QVQNc(DLdLhV?J|lZY-uPG6CIG
zwLRyNp}Sg9ZnzfxT|6+Bi^73bpWlCJHXPfSVfJ%WiMl156$?~3jt*h0?bUT#D-y?w
zvZSQNbUN89^145t3TxMw-{s=Hl|$RdxjSq9f@HRJ^%bAlPtSy7Gc(MSD|DXss_p%C
zxpzkQRuaW6XL=?{ij44(IZfu3?>u-d$2nKqbK8<o+im9Hh|j$7`LWoYnS+L?*SMn4
z`}=c{C&x*y+~;2p$BJ(<`}gRekQq$E$I(pJv|PQcE3!+5heR%<nqr9;Q(8Jlr}{9#
zOTB}1WPRRH9VAZJ`WD1zp2V+=$M!G2$vp9*@t{U+n`@e?%fxu^i`%S2i0QT$YicQ-
z&Z=6j*f8}+2dTQ~d*vrnKLQVu{sbK#-F=9QmOt_Kcj6NH)$%Gn^Apj}g=25N$$T_N
zqxv9I4=RuQ4*P4@fnqQ&&%AWC&2K01*6ir@r=4VJmi8x5M?`mxt~~1H>W)yG1f4kD
zvx<cFfjP7lWL!zFkoB}>8MnUt_VW7j+S2j{P*xPHVY&_-XMgpc;jR;jb-LCU)(ZCv
z`IVJTzi|2b%zpNAIHu&8{ms64X6ujx8YM@u^?J`t6ICfKrDVRtzF&0upt;sB*bc~+
z&i-)gZ_qQ}_O~y=d}H#=lM6?+9g+pOMW$R*=2L>46Z)oCe}~*tCRo3G+oJ<|dKL#E
zq}p0wIY?a$$K*w3|3QzlHERbv8a7Uuw31Di<x*>$1|%;GAEp7hwofgMy-p0s_YRU0
z568Z;$UKQ1(QK-Yj!;=Dr;{1EXM_eid+pEx8W3;$GQ68-@Qh4&!X8YG&v@7WKMJrP
zv)^IA$$s?w_V!T|5<mh-00|%gB!C2v01`j~NB{{S0VL2v;I&|$Y2Tth@E0+mp6Y?W
z1qt?7_x=^c$oXJC(pC<w(+l1A|I_#XO?@{2|KSG-AOR$R1dsp{Kmter2_OL^fCP}h
zF(U9}mU$r%SzKLQof|nn|K@xkkY8P_x^8`8eqP9l2_c<L2nm5tFJyDsoFb;n*-Wym
z@hYFnO1vxzB_SiF;fAbKIh)K5ZJ5bsvT`z&)nru^GHE`Q$%?Wj2&G(E6{V7>h&h$q
zb(q+4=2UIRswY%!<hJ9=w(A;>tk!h%t*)v(DOd&hTe7(UcZxR34aebA(*uI7!+1fU
zPtB0%vksDcDlI1A?!HVml}qQOOiIdT<+Q3~6j4a?NlDbQrJ-(Q`JDg$KYafGF$!=r
g6$u~#B!C2v01`j~NB{{S0VIF~kiat$AkY8*f5}L}LI3~&

literal 0
HcmV?d00001

diff --git a/docker-compose.yml b/docker-compose.yml
index 80855a2..562d1c4 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -8,11 +8,15 @@ services:
     environment:
       # Django
       - DJANGO_DEBUG=true
+      - USE_X_FORWARDED_HOST=true
+      - DJANGO_SECURE_PROXY_SSL_HEADER=true
+      - DJANGO_CSRF_COOKIE_SECURE=true
+      - DJANGO_SESSION_COOKIE_SECURE=true
       - DJANGO_ALLOWED_HOSTS=*
       - DJANGO_SECRET_KEY=change-me
       - DB_PATH=/app/data/db.sqlite3
       - NOTIFICATIONS_ALLOW_DUPLICATES=false
-      - DJANGO_CSRF_TRUSTED_ORIGINS="https://subscribarr.example.com,https://app.example.org"
+      - DJANGO_CSRF_TRUSTED_ORIGINS="https://subscribarr.local.js-devop.de"
       # App Settings (optional, otherwise use first-run setup)
       #- JELLYFIN_URL=
       #- JELLYFIN_API_KEY=
@@ -33,8 +37,5 @@ services:
       # Cron schedule (default every 30min)
       - CRON_SCHEDULE=*/30 * * * *
     volumes:
-      - subscribarr-data:/app/data
+      - ./data:/app/data
     restart: unless-stopped
-
-volumes:
-  subscribarr-data:
diff --git a/subscribarr/settings.py b/subscribarr/settings.py
index dbc63d9..5761348 100644
--- a/subscribarr/settings.py
+++ b/subscribarr/settings.py
@@ -116,6 +116,21 @@ if not CSRF_TRUSTED_ORIGINS:
     CSRF_TRUSTED_ORIGINS = ['https://subscribarr.local.js-devop.de']
 
 
+USE_X_FORWARDED_HOST = os.getenv('USE_X_FORWARDED_HOST', 'False').lower() == 'true'
+if os.getenv('DJANGO_SECURE_PROXY_SSL_HEADER', '').lower() in ('1', 'true', 'yes'):
+    SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
+
+# Secure cookies when served over HTTPS (optional)
+CSRF_COOKIE_SECURE = os.getenv('DJANGO_CSRF_COOKIE_SECURE', 'False').lower() == 'true'
+SESSION_COOKIE_SECURE = os.getenv('DJANGO_SESSION_COOKIE_SECURE', 'False').lower() == 'true'
+
+# Optional cookie domain override (for subdomain setups)
+_cookie_domain = os.getenv('DJANGO_COOKIE_DOMAIN', '').strip()
+if _cookie_domain:
+    CSRF_COOKIE_DOMAIN = _cookie_domain
+    SESSION_COOKIE_DOMAIN = _cookie_domain
+
+
 
 # Internationalization
 # https://docs.djangoproject.com/en/5.2/topics/i18n/