id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
32578	Handle request.get_host() raising DisallowedHost in CsrfViewMiddleware._origin_verified()	Chris Jerdonek	Chris Jerdonek	"Currently, on this line, `CsrfViewMiddleware._origin_verified()` doesn't handle `request.get_host()` raising `DisallowedHost`:
https://github.com/django/django/blob/41e6b2a3c5e723256506b9ff49437d52a1f3bf43/django/middleware/csrf.py#L229-L231

Since Django was previously fixed to handle `request.get_host()` raising `DisallowedHost` elsewhere in `CsrfViewMiddleware.process_view()` (see ticket #28693), it seems like it should be handled here, too.
"	Bug	closed	CSRF	dev	Normal	fixed	CsrfViewMiddleware,DisallowedHost		Accepted	1	0	0	0	1	0