Bug #15548
cookie de domaine vs SERVER_NAME = 'localhost'
Start date:
22 March 2017
Due date:
% Done:
100%
Estimated time:
Patch proposed:
Yes
Planning:
Description
common_domain = app_settings.OPENED_SESSION_COOKIE_DOMAIN
if not common_domain:
common_domain = request.META['SERVER_NAME'].split('.', 1)[1]
Ça explose quand SERVER_NAME vaut "localhost" (ou autre nom "simple").
Files
Associated revisions
History
Updated by Benjamin Dauvergne over 5 years ago
- File 0001-middleware-improve-condition-to-automatically-determ.patch 0001-middleware-improve-condition-to-automatically-determ.patch added
- Patch proposed changed from No to Yes
Updated by Thomas Noël over 5 years ago
Ack
à lire la doc sur ALLOWED_HOSTS qui est par défaut ['localhost', '127.0.0.1', '[::1]'] je me dis que les ipv6 sont peut-être rendues au format [truc] mais j'ai la flemme de vérifier.
Updated by Benjamin Dauvergne over 5 years ago
- Status changed from Nouveau to Résolu (à déployer)
- % Done changed from 0 to 100
Appliqué par commit django-mellon|688067f27068f6c0450d76f67c71b7419db78138.
middleware: improve condition to automatically determine a common domain (fixes #15548)
It works if:
- HTTP Host is a domain name and not an IP address (IPv6 address will not pass
this test, they lack dots),
- domain contains at least three components.