#9064: Redirect is broken when HTTP_X_FORWARDED_HOST contains multiple hosts ------------------------------------+--------------------------------------- Reporter: Artur | Owner: nobody Status: new | Milestone: Component: HTTP handling | Version: 1.0 Resolution: | Keywords: Stage: Accepted | Has_patch: 1 Needs_docs: 0 | Needs_tests: 0 Needs_better_patch: 1 | ------------------------------------+--------------------------------------- Comment (by mtredinnick):
We really shouldn't be using this header to compute redirects at all. if the hostname has been changed as part of the transmission process, it's up to the servers doing the changing to do rewrites on the way out as well. The best solution here is to ditch it altogether. Systems relying on this are arguably broken. Not holding my breath, though, since some people seem to like. Note, also, there was a huge thread about the complete lack of standardisation and variance in behaviour for the X-FORWARDED-HOST header two or three years ago on django-dev. [http://groups.google.com/group /django-developers/browse_thread/thread/b3b2deb687a3e885 Here's one thread], although I have a memory there was another as well at some point. Unsurprising that it's confusing, since it's an "X-*" header (totally non- standard). -- Ticket URL: <http://code.djangoproject.com/ticket/9064#comment:5> Django <http://code.djangoproject.com/> The Web framework for perfectionists with deadlines. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-updates@googlegroups.com To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-updates?hl=en -~----------~----~----~----~------~----~------~--~---