From 6bdeed1b811ddf9a920e925ad05d82cffbf13c3a Mon Sep 17 00:00:00 2001 From: Michael Manfre Date: Wed, 1 May 2013 12:13:09 -0600 Subject: [PATCH] Fixed #20338 - Document FQDN behavior with ALLOWED_HOSTS --- docs/ref/settings.txt | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt index 01c9089028..f2d418d4d9 100644 --- a/docs/ref/settings.txt +++ b/docs/ref/settings.txt @@ -79,6 +79,20 @@ responsible to provide your own validation of the ``Host`` header (perhaps in a middleware; if so this middleware must be listed first in :setting:`MIDDLEWARE_CLASSES`). +.. note:: + + If you want to also allow the `fully qualified domain name (FQDN)`_, which + some browsers can send in the Host header, you must explicitly add another + ALLOWED_HOSTS entry that includes a trailing period. This entry can also be + a subdomain wildcard:: + + ALLOWED_HOSTS = [ + '.example.com', # Allow domain and subdomains + '.example.com.', # Also allow FQDN and subdomains + ] + +.. _`fully qualified domain name (FQDN)`: http://en.wikipedia.org/wiki/Fully_qualified_domain_name + If the ``Host`` header (or ``X-Forwarded-Host`` if :setting:`USE_X_FORWARDED_HOST` is enabled) does not match any value in this list, the :meth:`django.http.HttpRequest.get_host()` method will raise
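Review bot: In the added note, "ALLOWED_HOSTS" and "Host header" are written as plain text, while the unchanged context lines around it use :setting:`MIDDLEWARE_CLASSES`, :setting:`USE_X_FORWARDED_HOST` and ``Host``. Suggest :setting:`ALLOWED_HOSTS` and ``Host`` in the note so the markup is consistent and the setting name cross-references. The note would also be clearer if it stated the consequence directly: an entry without the trailing period does not match a ``Host`` value that has one, so a request carrying the FQDN form falls under the mismatch case described in the paragraph that follows. As written, the reader has to infer that from "you must explicitly add another ALLOWED_HOSTS entry".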