inventree/InvenTree
2
0
Fork 0
mirror of https://github.com/inventree/InvenTree.git synced 2025-05-03 13:58:47 +00:00
Code

Allowed host fix (#6682)

Browse Source 
* Update ALLOWED_HOSTS

- Simplify backup logic
- Remove schema prefix

* Fix typo
This commit is contained in:
Oliver 2024-03-13 09:06:47 +11:00 committed by GitHub
parent e764833f1f
commit 011f19cf61
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 14 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
InvenTree/InvenTree/settings.py
View File

@ -998,20 +998,25 @@ ALLOWED_HOSTS = get_setting(
typecast=list, typecast=list,
) )
if DEBUG and not ALLOWED_HOSTS:
logger.warning(
'No ALLOWED_HOSTS specified. Defaulting to ["*"] for debug mode. This is not recommended for production use'
)
ALLOWED_HOSTS = ['*']
if SITE_URL and SITE_URL not in ALLOWED_HOSTS: if SITE_URL and SITE_URL not in ALLOWED_HOSTS:
ALLOWED_HOSTS.append(SITE_URL) ALLOWED_HOSTS.append(SITE_URL)
if not ALLOWED_HOSTS: if not ALLOWED_HOSTS:
if DEBUG:
logger.info(
'No ALLOWED_HOSTS specified. Defaulting to ["*"] for debug mode. This is not recommended for production use'
)
ALLOWED_HOSTS = ['*']
else:
logger.error( logger.error(
'No ALLOWED_HOSTS specified. Please provide a list of allowed hosts, or specify INVENTREE_SITE_URL' 'No ALLOWED_HOSTS specified. Please provide a list of allowed hosts, or specify INVENTREE_SITE_URL'
) )
# Ensure that the ALLOWED_HOSTS do not contain any scheme info
for i, host in enumerate(ALLOWED_HOSTS):
if '://' in host:
ALLOWED_HOSTS[i] = host.split('://')[1]
# List of trusted origins for unsafe requests # List of trusted origins for unsafe requests
# Ref: https://docs.djangoproject.com/en/4.2/ref/settings/#csrf-trusted-origins # Ref: https://docs.djangoproject.com/en/4.2/ref/settings/#csrf-trusted-origins
CSRF_TRUSTED_ORIGINS = get_setting( CSRF_TRUSTED_ORIGINS = get_setting(