Loading django/conf/global_settings.py +1 −0 Original line number Diff line number Diff line Loading @@ -428,6 +428,7 @@ DEFAULT_INDEX_TABLESPACE = '' X_FRAME_OPTIONS = 'SAMEORIGIN' USE_X_FORWARDED_HOST = False USE_X_FORWARDED_PORT = False # The Python dotted path to the WSGI application that Django's internal server # (runserver) will use. If `None`, the return value of Loading django/http/request.py +9 −1 Original line number Diff line number Diff line Loading @@ -79,7 +79,7 @@ class HttpRequest(object): else: # Reconstruct the host using the algorithm from PEP 333. host = self.META['SERVER_NAME'] server_port = str(self.META['SERVER_PORT']) server_port = self.get_port() if server_port != ('443' if self.is_secure() else '80'): host = '%s:%s' % (host, server_port) Loading @@ -98,6 +98,14 @@ class HttpRequest(object): msg += " The domain name provided is not valid according to RFC 1034/1035." raise DisallowedHost(msg) def get_port(self): """Return the port number for the request as a string.""" if settings.USE_X_FORWARDED_PORT and 'HTTP_X_FORWARDED_PORT' in self.META: port = self.META['HTTP_X_FORWARDED_PORT'] else: port = self.META['SERVER_PORT'] return str(port) def get_full_path(self, force_append_slash=False): # RFC 3986 requires query string arguments to be in the ASCII range. # Rather than crash if this doesn't happen, we encode defensively. Loading docs/ref/request-response.txt +8 −0 Original line number Diff line number Diff line Loading @@ -254,6 +254,14 @@ Methods :class:`~django.middleware.common.CommonMiddleware` or :class:`~django.middleware.csrf.CsrfViewMiddleware`. .. method:: HttpRequest.get_port() .. versionadded:: 1.9 Returns the originating port of the request using information from the ``HTTP_X_FORWARDED_PORT`` (if :setting:`USE_X_FORWARDED_PORT` is enabled) and ``SERVER_PORT`` ``META`` variables, in that order. .. method:: HttpRequest.get_full_path() Returns the ``path``, plus an appended query string, if applicable. Loading docs/ref/settings.txt +14 −0 Original line number Diff line number Diff line Loading @@ -2621,6 +2621,19 @@ A boolean that specifies whether to use the X-Forwarded-Host header in preference to the Host header. This should only be enabled if a proxy which sets this header is in use. .. setting:: USE_X_FORWARDED_PORT USE_X_FORWARDED_PORT -------------------- .. versionadded:: 1.9 Default: ``False`` A boolean that specifies whether to use the X-Forwarded-Port header in preference to the ``SERVER_PORT`` ``META`` variable. This should only be enabled if a proxy which sets this header is in use. .. setting:: WSGI_APPLICATION WSGI_APPLICATION Loading Loading @@ -3329,6 +3342,7 @@ HTTP * :setting:`SIGNING_BACKEND` * :setting:`USE_ETAGS` * :setting:`USE_X_FORWARDED_HOST` * :setting:`USE_X_FORWARDED_PORT` * :setting:`WSGI_APPLICATION` Logging Loading docs/releases/1.9.txt +3 −0 Original line number Diff line number Diff line Loading @@ -538,6 +538,9 @@ Requests and Responses returning an :class:`~django.http.HttpResponseForbidden` so that :data:`~django.conf.urls.handler403` is invoked. * Added :meth:`HttpRequest.get_port() <django.http.HttpRequest.get_port>` to fetch the originating port of the request. Tests ^^^^^ Loading Loading
django/conf/global_settings.py +1 −0 Original line number Diff line number Diff line Loading @@ -428,6 +428,7 @@ DEFAULT_INDEX_TABLESPACE = '' X_FRAME_OPTIONS = 'SAMEORIGIN' USE_X_FORWARDED_HOST = False USE_X_FORWARDED_PORT = False # The Python dotted path to the WSGI application that Django's internal server # (runserver) will use. If `None`, the return value of Loading
django/http/request.py +9 −1 Original line number Diff line number Diff line Loading @@ -79,7 +79,7 @@ class HttpRequest(object): else: # Reconstruct the host using the algorithm from PEP 333. host = self.META['SERVER_NAME'] server_port = str(self.META['SERVER_PORT']) server_port = self.get_port() if server_port != ('443' if self.is_secure() else '80'): host = '%s:%s' % (host, server_port) Loading @@ -98,6 +98,14 @@ class HttpRequest(object): msg += " The domain name provided is not valid according to RFC 1034/1035." raise DisallowedHost(msg) def get_port(self): """Return the port number for the request as a string.""" if settings.USE_X_FORWARDED_PORT and 'HTTP_X_FORWARDED_PORT' in self.META: port = self.META['HTTP_X_FORWARDED_PORT'] else: port = self.META['SERVER_PORT'] return str(port) def get_full_path(self, force_append_slash=False): # RFC 3986 requires query string arguments to be in the ASCII range. # Rather than crash if this doesn't happen, we encode defensively. Loading
docs/ref/request-response.txt +8 −0 Original line number Diff line number Diff line Loading @@ -254,6 +254,14 @@ Methods :class:`~django.middleware.common.CommonMiddleware` or :class:`~django.middleware.csrf.CsrfViewMiddleware`. .. method:: HttpRequest.get_port() .. versionadded:: 1.9 Returns the originating port of the request using information from the ``HTTP_X_FORWARDED_PORT`` (if :setting:`USE_X_FORWARDED_PORT` is enabled) and ``SERVER_PORT`` ``META`` variables, in that order. .. method:: HttpRequest.get_full_path() Returns the ``path``, plus an appended query string, if applicable. Loading
docs/ref/settings.txt +14 −0 Original line number Diff line number Diff line Loading @@ -2621,6 +2621,19 @@ A boolean that specifies whether to use the X-Forwarded-Host header in preference to the Host header. This should only be enabled if a proxy which sets this header is in use. .. setting:: USE_X_FORWARDED_PORT USE_X_FORWARDED_PORT -------------------- .. versionadded:: 1.9 Default: ``False`` A boolean that specifies whether to use the X-Forwarded-Port header in preference to the ``SERVER_PORT`` ``META`` variable. This should only be enabled if a proxy which sets this header is in use. .. setting:: WSGI_APPLICATION WSGI_APPLICATION Loading Loading @@ -3329,6 +3342,7 @@ HTTP * :setting:`SIGNING_BACKEND` * :setting:`USE_ETAGS` * :setting:`USE_X_FORWARDED_HOST` * :setting:`USE_X_FORWARDED_PORT` * :setting:`WSGI_APPLICATION` Logging Loading
docs/releases/1.9.txt +3 −0 Original line number Diff line number Diff line Loading @@ -538,6 +538,9 @@ Requests and Responses returning an :class:`~django.http.HttpResponseForbidden` so that :data:`~django.conf.urls.handler403` is invoked. * Added :meth:`HttpRequest.get_port() <django.http.HttpRequest.get_port>` to fetch the originating port of the request. Tests ^^^^^ Loading
