Opened 9 years ago
Closed 9 years ago
#25211 closed New feature (fixed)
Add USE_X_FORWARDED_PORT setting and HttpRequest.get_port()
| Reported by: | Matt Robenolt | Owned by: | nobody |
|---|---|---|---|
| Component: | HTTP handling | Version: | dev |
| Severity: | Normal | Keywords: | port, server_port, proxy |
| Cc: | Triage Stage: | Ready for checkin | |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
It's be nice to internally have a way to reference the "real" port number when behind a proxy.
Today, as an example:
If you were running a load balancer on port 80, which proxied back to an nginx which was running on 8080, it's possible that get_host() would resolve your request back to example.com:8080 instead of the proper example.com since SERVER_PORT is coming from what nginx was listening on.
This just adds a proper method to get_port() and respect an optional X-Forwarded-Port header.
The benefits of this being internal to Django, is because anywhere that Django tries to resolve the port internally, we should be utilizing this method. This issue is easy to correct in user-land, but a bit harder when an internal Django method utilizes SERVER_PORT directly. The only option is to have a middleware which sets request.META['SERVER_PORT'] = request.META['HTTP_X_FORWARDED_PORT'] which is less than ideal IMO since it's overloading the meaning of the variable.
This is also relevant for https://github.com/django/django/pull/4337 since in the wild, we hit an issue with SERVER_PORT not reflecting what the upstream actually was, which caused issues. So this would unify and make https://github.com/django/django/pull/4337 leverage the new get_port().
Change History (3)
comment:1 by , 9 years ago
| Triage Stage: | Unreviewed → Accepted |
|---|
comment:2 by , 9 years ago
| Triage Stage: | Accepted → Ready for checkin |
|---|
comment:3 by , 9 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
In 4dcfbd79: