Changes between Initial Version and Version 1 of Ticket #27379
- Timestamp:
- Oct 24, 2016, 11:18:10 AM (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #27379 – Description
initial v1 10 10 This is a problem when a request comes in looking like: 11 11 12 {{{ 12 13 GET https://valid.hostname/ HTTP/1.1 13 14 Host: invalid.hostname 15 }}} 14 16 15 17 Django currently fails this as a violation of ALLOWED_HOSTS, but it shouldn't. Granted, we only see this in attacks, but nginx passes these requests through (because it should) and Django fails them because of the wonky host.