Avoid having to explictilty add the host url in pyramid.csrf_trusted_origins on instance served on non-"/" base urls
On instances served on a non-"/" base url, POST requests made on form fail the pyramid's
check_csrf_origin test. To fix that we have to add the domain name to the list of trusted origins in the pyramid.ini.
I think that we shoudln't have to do that and that the host serving the application should automatically trust itself.