#19987: Basic host validation performed even when DEBUG=True
-------------------------------+------------------------------------
Reporter: Will Hardy | Owner: nobody
Type: Bug | Status: new
Component: HTTP handling | Version: master
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------+------------------------------------
Comment (by Will Hardy):
I thought I might take a few minutes to help out, even if only by writing
a test.
Which approach do you want to take?
* skip all hostname validation when `ALLOWED_HOSTS = ["*"]`
* make sure a normal `SuspiciousOperation` exception is raised (ie no
exception when trying to display debug response)
* add a different suggestion in exception message for invalid hostnames
(ie invalid, but matched in `ALLOWED_HOSTS`)
--
Ticket URL: <https://code.djangoproject.com/ticket/19987#comment:3>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
