diff options
Diffstat (limited to 'django/http/request.py')
| -rw-r--r-- | django/http/request.py | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/django/http/request.py b/django/http/request.py index e222081450..9f9f32b1b4 100644 --- a/django/http/request.py +++ b/django/http/request.py @@ -68,14 +68,19 @@ class HttpRequest(object): if server_port != ('443' if self.is_secure() else '80'): host = '%s:%s' % (host, server_port) - allowed_hosts = ['*'] if settings.DEBUG else settings.ALLOWED_HOSTS + # There is no hostname validation when DEBUG=True + if settings.DEBUG: + return host + domain, port = split_domain_port(host) - if domain and validate_host(domain, allowed_hosts): + if domain and validate_host(domain, settings.ALLOWED_HOSTS): return host else: msg = "Invalid HTTP_HOST header: %r." % host if domain: msg += "You may need to add %r to ALLOWED_HOSTS." % domain + else: + msg += "The domain name provided is not valid according to RFC 1034/1035" raise DisallowedHost(msg) def get_full_path(self): |