HttpRequest.get_host() doesn't include the port from META['HTTP_X_FORWARDED_PORT'].

[dgcgh]

request.get_port() should include the port of the authority if it is not 80 for http or 443 for https. Currently this does not happen when HTTP_X_FORWARDED_HOST is present in request.META.

This causes issues for e.g. request.build_absolute_uri() if the django app is running behind a reverse proxy on a non-standard port.

Example would be: nginx is listening on port 8443 and forwarding to a django server listening on port 8001:

server {
    listen      8443 ssl;
    server_name         localhost.example.com

   location / {
        proxy_pass  http://localhost:8001;
        # include     /etc/nginx/uwsgi_params;
        proxy_cache_bypass  $http_upgrade;

        proxy_set_header Upgrade           $http_upgrade;
        proxy_set_header Connection        "upgrade";
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Host  $host;
        proxy_set_header X-Forwarded-Port  $server_port;
    }
}

In this case URIs built with request.build_absolute_uri() in a django app will exclude the port, i.e.:
request.build_django_uri("/") == "https://localhost.example.com/"
where it should return "​https://localhost.example.com:8443/"

[dgcgh]

PR: ​https://github.com/django/django/pull/12550

[dgcgh]

I think the problem here might be that django assumes X-Forwarded-Host will include the port number, as opposed to putting the port number in X-Forwarded-Port.

I can get the correct behavior by setting the nginx header as:

proxy_set_header X-Forwarded-Host  $host:$server_port;

and disabling USE_X_FORWARDED_PORT .
I take it that X-Forwarded-Port is not popular, so maybe this bug is not worth fixing, but I will update my PR with a more explicit solution.

[Florian Apolloner]

LGTM, ses my comment on the PR for a small change.

[Mariusz Felisiak]

​New PR

[LightChain09]

As far as I can see, there already is documentation about the patch, so I changed the "Needs documentation" tag.

[SREEHARI K.V]

I'd like to work on this bug.
I notice that ​https://github.com/django/django/pull/12844 has been closed due to inactivity.
Can I pick up where Apollo13 left off or start from scratch?

[Jacob Walls]

Ordinarily yes, you can start from a previous attempt and credit the prior author as a ​co-author in the commit message.

[Mateusz Kurowski]

Hello, i seen multiple pull requests that have their origin in this issue - when it comes to host and port with proxy protocol - does it need some big rewrite in the django source?

[Sage Abdullah]

​New PR is available, and looks like it hasn't been reviewed so I'm removing the "patch needs improvement" flag.