Django notes: Difference between revisions
Jump to navigation
Jump to search
(Created page with "{{stub}} ===Auth=== ===Sessions=== <!-- SessionMiddleware is on by default in projects created via django-admin startproject : In other cases, ensure django.contrib.ses...") |
|||
Line 33: | Line 33: | ||
ALLOWED_HOSTS should contain a list of the host/domain names that this Django site can serve. | ALLOWED_HOSTS should contain a list of the host/domain names that this Django site can serve. | ||
It's empty | It's empty when you start a project, to make you do this explicitly and knowingly | ||
...because it's protection against some exploits based on Host headers. | |||
See also | See also | ||
* https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts | * https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts |
Revision as of 16:10, 13 September 2022
✎ This article/section is a stub — some half-sorted notes, not necessarily checked, not necessarily correct. Feel free to ignore, or tell me about it.
Auth
Sessions
Errors
ModuleNotFoundError
If hosting via mod_wsgi, you probably want to add python-path=/path/to/app to your WSGIDaemonProcess line
DisallowedHost at /
ALLOWED_HOSTS should contain a list of the host/domain names that this Django site can serve.
It's empty when you start a project, to make you do this explicitly and knowingly
...because it's protection against some exploits based on Host headers.
See also