CSRF_TRUSTED_ORIGINS need manual setup

[CucumisSativus]

Hello!

Thanks a lot for your time spend on maintaining this library, it really spared me a lot of time. The only issue I encountered is that you need to manually set CSRF_TRUSTED_ORIGINS yourself.

I am happy to implement it myself, but I'd like to discuss it a bit first. Would it be ok for you if we add a new env variable that would indicate host of deployed application (ex. HOST or something like this) and if csrf=True in the setting call it will add given host to CSRF_TRUSTED_ORIGINS? We can also use this variable to set ALLOWED_HOSTS. Would something like this work for you?