diff --git a/config/settings.py b/config/settings.py
index b4f8a77..927b6a1 100644
--- a/config/settings.py
+++ b/config/settings.py
@@ -48,7 +48,7 @@
     DEBUG_TOOLBAR=(bool, False),
     # END_FEATURE debug_toolbar
 )
-# If ALLWED_HOSTS has been configured, then we're running on a server and
+# If ALLOWED_HOSTS has been configured, then we're running on a server and
 # can skip looking for a .env file (this assumes that .env files
 # file is only used for local development and servers use environment variables)
 if not env("ALLOWED_HOSTS"):
@@ -77,7 +77,8 @@
 
 ALLOWED_HOSTS = env("ALLOWED_HOSTS")
 if LOCALHOST is True:
-    ALLOWED_HOSTS = ["127.0.0.1", "localhost"]
+    ALLOWED_HOSTS += ["127.0.0.1", "localhost"]
+    CSRF_TRUSTED_ORIGINS = [f"http://{host}" for host in ALLOWED_HOSTS] + [f"https://{host}" for host in ALLOWED_HOSTS]
 else:
     ALLOWED_HOSTS.append("localhost")