test0908
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fixed #26419 -- Added a link in ALLOWED_HOSTS docs.

This commit is contained in:
Joshua Pereyda 2016-03-29 10:37:28 -07:00 committed by Tim Graham
parent 99bb7fcc18
commit f8b31dfdfc
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/ref/settings.txt
View File

@ -65,9 +65,8 @@ See :doc:`/howto/error-reporting` for more information.
Default: ``[]`` (Empty list) Default: ``[]`` (Empty list)
A list of strings representing the host/domain names that this Django site can A list of strings representing the host/domain names that this Django site can
serve. This is a security measure to prevent an attacker from poisoning caches serve. This is a security measure to prevent :ref:`HTTP Host header attacks
and triggering password reset emails with links to malicious hosts by submitting <host-headers-virtual-hosting>`, which are possible even under many
requests with a fake HTTP ``Host`` header, which is possible even under many
seemingly-safe web server configurations. seemingly-safe web server configurations.
Values in this list can be fully qualified names (e.g. ``'www.example.com'``), Values in this list can be fully qualified names (e.g. ``'www.example.com'``),