Update middleware to validate hosts and conditionally log errors
Replaced hardcoded host checks with a dynamic check using `ALLOWED_HOSTS` from environment variables. Adjusted exception logging to include tracebacks only when the `DEBUG` environment variable is enabled.
This commit is contained in:
parent
04a89be549
commit
4bd037b828
1 changed files with 4 additions and 2 deletions
|
|
@ -1,5 +1,6 @@
|
||||||
import logging
|
import logging
|
||||||
import traceback
|
import traceback
|
||||||
|
from os import getenv
|
||||||
|
|
||||||
from constance import config
|
from constance import config
|
||||||
from django.contrib.auth.models import AnonymousUser
|
from django.contrib.auth.models import AnonymousUser
|
||||||
|
|
@ -68,7 +69,7 @@ class BlockInvalidHostMiddleware:
|
||||||
self.get_response = get_response
|
self.get_response = get_response
|
||||||
|
|
||||||
def __call__(self, request):
|
def __call__(self, request):
|
||||||
if request.META.get("HTTP_HOST") in ["0.0.0.0", None, ""]:
|
if request.META.get("HTTP_HOST") not in getenv("ALLOWED_HOSTS").split(" "):
|
||||||
return HttpResponseForbidden("Invalid Host Header")
|
return HttpResponseForbidden("Invalid Host Header")
|
||||||
return self.get_response(request)
|
return self.get_response(request)
|
||||||
|
|
||||||
|
|
@ -79,6 +80,7 @@ class GrapheneLoggingErrorsDebugMiddleware:
|
||||||
return next(root, info, **args)
|
return next(root, info, **args)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
logger.error("Error occurred in GraphQL execution:", exc_info=True)
|
logger.error("Error occurred in GraphQL execution:", exc_info=True)
|
||||||
logger.error(traceback.format_exc())
|
if bool(int(getenv("DEBUG"))):
|
||||||
|
logger.error(traceback.format_exc())
|
||||||
capture_exception(e)
|
capture_exception(e)
|
||||||
raise e
|
raise e
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue