diff --git a/lms/envs/common.py b/lms/envs/common.py
index d368a731d3bbe69368003465035b0d2d42ae36a1..f4815f3c50c08a9de3e550157630dbea6bd69aac 100644
--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -2314,6 +2314,7 @@ CSRF_COOKIE_AGE = 60 * 60 * 24 * 7 * 52
 # It is highly recommended that you override this in any environment accessed by
 # end users
 CSRF_COOKIE_SECURE = False
+CSRF_TRUSTED_ORIGINS = []
 
 ######################### Django Rest Framework ########################
 
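Review bot: The added `CSRF_TRUSTED_ORIGINS = []` has no comment of its own and sits directly under the comment recommending that `CSRF_COOKIE_SECURE` be overridden, so that advice reads as if it covers the new setting too. I would separate it with a blank line and add something like `# Extra hosts allowed to pass the CSRF referer check on unsafe requests; empty adds none.` The empty default is the safe choice, and saying so in the comment makes it less likely to be widened casually.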
diff --git a/lms/envs/production.py b/lms/envs/production.py
index ff8c05062f77e50d25655f9e4a5ed1877b3ee4eb..6c1c14fae939c4b49b4437ddddcd11c3b3760a52 100644
--- a/lms/envs/production.py
+++ b/lms/envs/production.py
@@ -428,6 +428,9 @@ NOTIFICATION_EMAIL_EDX_LOGO = ENV_TOKENS.get('NOTIFICATION_EMAIL_EDX_LOGO', NOTI
 # by end users.
 CSRF_COOKIE_SECURE = ENV_TOKENS.get('CSRF_COOKIE_SECURE', False)
 
+# Determines which origins are trusted for unsafe requests eg. POST requests.
+CSRF_TRUSTED_ORIGINS = ENV_TOKENS.get('CSRF_TRUSTED_ORIGINS', [])
+
 # Whitelist of domains to which the login/logout pages will redirect.
 LOGIN_REDIRECT_WHITELIST = ENV_TOKENS.get('LOGIN_REDIRECT_WHITELIST', LOGIN_REDIRECT_WHITELIST)
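Review bot: The value read by `CSRF_TRUSTED_ORIGINS = ENV_TOKENS.get('CSRF_TRUSTED_ORIGINS', [])` is used without any shape check, although every entry relaxes Django's CSRF referer check for unsafe requests. If the deployment config supplies a plain string rather than a list, Django would presumably iterate it character by character and could end up trusting hosts nobody intended. A guard such as `if not isinstance(CSRF_TRUSTED_ORIGINS, (list, tuple)): raise ImproperlyConfigured('CSRF_TRUSTED_ORIGINS must be a list')` would fail loudly at startup, assuming that exception is importable in this module. The fallback could also reuse the default from common.py, as in `ENV_TOKENS.get('CSRF_TRUSTED_ORIGINS', CSRF_TRUSTED_ORIGINS)`, to match the `LOGIN_REDIRECT_WHITELIST` line below. The comment should also say that entries are host patterns, that a wildcard or leading-dot entry (depending on the Django version) trusts every subdomain, and that the list should be kept as narrow as possible.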