When using the requests module to construct Django view requests over https, insure you use lower case in your ALLOWED_HOSTS and/or CSRF_TRUSTED_ORIGINS in settings.py. The module 'django.middleware.csrf' calls 'is_same_domain()' from 'django.utils.http' which does a 'lower()' on the host portion only, but the 'netloc' field of the referer object is extracted from the full domain name and remains upper case. In the host naming convention, case is irrelevant. However, this simple mistake in your configuration since 'is_same_domain()' does not correct both strings before comparison, may result in the REASON_BAD_REFERER error.
-- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/f4f4ec1f-ffb4-4ed8-9d49-a8f82c264488%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
