Confusing SuspiciousOperation exception about ALLOWED_HOSTS when using hosts with port number

[nicolas.iooss_django@…]

In a new project, right after I switched DEBUG setting to False in my development environment settings, I get HTTP 500 error on every page with following error mail when I browse ​http://127.0.0.1:8000/.

Traceback (most recent call last):

  File "/usr/lib/python2.7/site-packages/django/core/handlers/base.py", line 92, in get_response
    response = middleware_method(request)

  File "/usr/lib/python2.7/site-packages/django/middleware/common.py", line 57, in process_request
    host = request.get_host()

  File "/usr/lib/python2.7/site-packages/django/http/request.py", line 72, in get_host
    "Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): %s" % host)

SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): 127.0.0.1:8000

This message (and Django documentation) advises me to write ALLOWED_HOSTS = ['127.0.0.1:8000'] in my settings, which didn't have ALLOWED_HOSTS. However this doesn't work because django.http.request.validate_host validates the domain of 127.0.0.1:8000, which is 127.0.0.1. With ALLOWED_HOSTS = ['127.0.0.1'] in the settings my project works well.

Therefore the message "Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): 127.0.0.1:8000" is confusing and I think port number shouldn't appear in it. This problem is more global than my development environment as some person may choose to host his Django website at ​http://example.com:8000/.

[Baptiste Mispelon]

This is a duplicate of #20038.