Opened 2 years ago

Closed 2 years ago

#20164 closed Bug (duplicate)

Confusing SuspiciousOperation exception about ALLOWED_HOSTS when using hosts with port number

Reported by: nicolas.iooss_django@… Owned by: nobody
Component: HTTP handling Version: 1.5
Severity: Normal Keywords: ALLOWED_HOSTS validate_host SuspiciousOperation
Cc: bmispelon@… Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX: no

Description

In a new project, right after I switched DEBUG setting to False in my development environment settings, I get HTTP 500 error on every page with following error mail when I browse http://127.0.0.1:8000/.

Traceback (most recent call last):

  File "/usr/lib/python2.7/site-packages/django/core/handlers/base.py", line 92, in get_response
    response = middleware_method(request)

  File "/usr/lib/python2.7/site-packages/django/middleware/common.py", line 57, in process_request
    host = request.get_host()

  File "/usr/lib/python2.7/site-packages/django/http/request.py", line 72, in get_host
    "Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): %s" % host)

SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): 127.0.0.1:8000

This message (and Django documentation) advises me to write ALLOWED_HOSTS = ['127.0.0.1:8000'] in my settings, which didn't have ALLOWED_HOSTS. However this doesn't work because django.http.request.validate_host validates the domain of 127.0.0.1:8000, which is 127.0.0.1. With ALLOWED_HOSTS = ['127.0.0.1'] in the settings my project works well.

Therefore the message "Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): 127.0.0.1:8000" is confusing and I think port number shouldn't appear in it. This problem is more global than my development environment as some person may choose to host his Django website at http://example.com:8000/.

Change History (1)

comment:1 Changed 2 years ago by bmispelon

  • Cc bmispelon@… added
  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Resolution set to duplicate
  • Status changed from new to closed

This is a duplicate of #20038.

Note: See TracTickets for help on using tickets.
Back to Top