settings: Wildcard 'ALLOWED_HOSTS' settings

Django 1.10.3, 1.9.11 and 1.8.16 changed default behavior for ALLOWED_HOSTS to prevent DNS rebinding attacks [1]. Unfortunately this also means we can't access the development Docker or Vagrant installs by IP address. Sidestep the issue by wildcarding the 'ALLOWED_HOSTS' setting for development, thus allowing connections from any IP. [1] https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts Signed-off-by: Stephen Finucane <stephen@that.guru> Reviewed-by: Daniel Axtens <dja@axtens.net>
author: Stephen Finucane <stephen@that.guru> 2017-02-07 21:47:16 +0000
committer: Stephen Finucane <stephen@that.guru> 2017-03-01 22:11:04 +0000
commit: c7b68a782f53cf177d659f0537a36923df95f3f0 (patch)
tree: 47e9a9e1daa5f7852bdf26dd165ccc7930f3fbcc /patchwork/settings
parent: 9f7c45a5f2527372db4f3abf7d28569e1433edef (diff)
download: patchwork-c7b68a782f53cf177d659f0537a36923df95f3f0.tar
patchwork-c7b68a782f53cf177d659f0537a36923df95f3f0.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/patchwork/settings/dev.py b/patchwork/settings/dev.py
index a084d6a..ee5b203 100644
--- a/patchwork/settings/dev.py
+++ b/patchwork/settings/dev.py
@@ -18,6 +18,9 @@ from .base import *  # noqa
 # https://docs.djangoproject.com/en/1.8/ref/settings/#core-settings
 #
 
+
+ALLOWED_HOSTS = ['*']
+
 SECRET_KEY = '00000000000000000000000000000000000000000000000000'  # noqa
 
 DEBUG = True
author	Stephen Finucane <stephen@that.guru>	2017-02-07 21:47:16 +0000
committer	Stephen Finucane <stephen@that.guru>	2017-03-01 22:11:04 +0000
commit	c7b68a782f53cf177d659f0537a36923df95f3f0 (patch)
tree	47e9a9e1daa5f7852bdf26dd165ccc7930f3fbcc /patchwork/settings
parent	9f7c45a5f2527372db4f3abf7d28569e1433edef (diff)
download	patchwork-c7b68a782f53cf177d659f0537a36923df95f3f0.tar patchwork-c7b68a782f53cf177d659f0537a36923df95f3f0.tar.gz