fureunoir/schon
fureunoir/schon
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fixes: fix BlockInvalidHostMiddleware

Browse source
This commit is contained in:
Egor Pavlovich Gorbunov 2025-06-05 19:00:22 +03:00
parent fcfa6fdc20
commit 8e7a6caae9
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
evibes/middleware.py
View file

@ -4,7 +4,7 @@ from os import getenv
from constance import config from constance import config
from django.contrib.auth.models import AnonymousUser from django.contrib.auth.models import AnonymousUser
from django.core.exceptions import DisallowedHost from django.core.exceptions import BadRequest, DisallowedHost
from django.http import HttpResponseForbidden from django.http import HttpResponseForbidden
from django.middleware.common import CommonMiddleware from django.middleware.common import CommonMiddleware
from django.middleware.locale import LocaleMiddleware from django.middleware.locale import LocaleMiddleware
@ -68,6 +68,8 @@ class BlockInvalidHostMiddleware:
def __call__(self, request): def __call__(self, request):
allowed_hosts = getenv("ALLOWED_HOSTS").split(" ") allowed_hosts = getenv("ALLOWED_HOSTS").split(" ")
if not hasattr(request, "META"):
return BadRequest("Invalid Request")
if request.META.get("HTTP_HOST") not in allowed_hosts and "*" not in allowed_hosts: if request.META.get("HTTP_HOST") not in allowed_hosts and "*" not in allowed_hosts:
return HttpResponseForbidden("Invalid Host Header") return HttpResponseForbidden("Invalid Host Header")
return self.get_response(request) return self.get_response(request)