Ticket #6880: 6880.diff

File 6880.diff, 3.2 KB (added by aaugustin, 4 years ago)
  • docs/ref/request-response.txt

     
    191191
    192192.. method:: HttpRequest.get_host()
    193193
    194     Returns the originating host of the request using information from the
    195     ``HTTP_X_FORWARDED_HOST`` and ``HTTP_HOST`` headers (in that order). If
    196     they don't provide a value, the method uses a combination of
     194    Returns the host of the request using information from the ``HTTP_HOST``
     195    header. If it does not provide a value, the method uses a combination of
    197196    ``SERVER_NAME`` and ``SERVER_PORT`` as detailed in `PEP 333`_.
    198197
    199198    .. _PEP 333: http://www.python.org/dev/peps/pep-0333/
    200199
    201200    Example: ``"127.0.0.1:8000"``
    202201
    203     .. note:: The :meth:`~HttpRequest.get_host()` method fails when the host is
    204         behind multiple proxies. One solution is to use middleware to rewrite
    205         the proxy headers, as in the following example::
     202    .. note:: :meth:`~HttpRequest.get_host()` returns the address of the
     203        closest proxy when the host is behind one or several proxies.
     204        This is transparent with reverse-proxies that rewrite both the
     205        ``Host`` header in requests and the ``Location``, ``Content-Location``
     206        and ``URI`` headers in responses, including Apache's ``mod_proxy`` and
     207        Squid.
    206208
    207             class MultipleProxyMiddleware(object):
    208                 FORWARDED_FOR_FIELDS = [
    209                     'HTTP_X_FORWARDED_FOR',
    210                     'HTTP_X_FORWARDED_HOST',
    211                     'HTTP_X_FORWARDED_SERVER',
    212                 ]
     209    .. versionchanged:: 1.3
    213210
    214                 def process_request(self, request):
    215                     """
    216                     Rewrites the proxy headers so that only the most
    217                     recent proxy is used.
    218                     """
    219                     for field in self.FORWARDED_FOR_FIELDS:
    220                         if field in request.META:
    221                             if ',' in request.META[field]:
    222                                 parts = request.META[field].split(',')
    223                                 request.META[field] = parts[-1].strip()
    224211
     212    :meth:`~HttpRequest.get_host()` used to interpret the non-standard
     213    ``HTTP_X_FORWARDED_HOST`` header to determine the originating host.
     214    This failed when the host was behind multiple proxies or when a proxy
     215    switched between HTTP and HTTPS and was removed.
    225216
    226217.. method:: HttpRequest.get_full_path()
    227218
  • django/http/__init__.py

     
    128128    def get_host(self):
    129129        """Returns the HTTP host using the environment or request headers."""
    130130        # We try three options, in order of decreasing preference.
    131         if 'HTTP_X_FORWARDED_HOST' in self.META:
    132             host = self.META['HTTP_X_FORWARDED_HOST']
    133         elif 'HTTP_HOST' in self.META:
     131        if 'HTTP_HOST' in self.META:
    134132            host = self.META['HTTP_HOST']
    135133        else:
    136134            # Reconstruct the host using the algorithm from PEP 333.
Back to Top