#9064: Redirect is broken when HTTP_X_FORWARDED_HOST contains multiple hosts
-------------------------------+------------------------------------
Reporter: Artur | Owner: nobody
Type: Bug | Status: closed
Component: HTTP handling | Version: 1.0
Severity: Normal | Resolution: wontfix
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 1
Easy pickings: 0 | UI/UX: 0
-------------------------------+------------------------------------
Changes (by aaugustin):
* status: new => closed
* resolution: => wontfix
Comment:
Django no longer interprets X-Forwarded-Host headers by default, for
security reasons. See also #6880.
Generally speaking this header isn't necessary if proxies under the
owner's control are properly configured.
So I'm going to close this ticket, essentially for the reasons given by
Malcolm in comment 5.
--
Ticket URL: <https://code.djangoproject.com/ticket/9064#comment:11>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit https://groups.google.com/groups/opt_out.
