mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-07-19 09:09:13 +00:00
Code Issues 32 Releases Wiki Activity

[1.9.x] Fixed #26419 -- Added a link in ALLOWED_HOSTS docs.

Browse Source 
Backport of f8b31dfdfc0cf6a516bcbc10c4e2f696ce3a9bda from master
This commit is contained in:
Joshua Pereyda 2016-03-29 10:37:28 -07:00 committed by Tim Graham
parent dd1ab14990
commit f8b88f6a6b
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/ref/settings.txt
View File

@ -65,9 +65,8 @@ See :doc:`/howto/error-reporting` for more information.
Default: ``[]`` (Empty list)
A list of strings representing the host/domain names that this Django site can
serve. This is a security measure to prevent an attacker from poisoning caches
and triggering password reset emails with links to malicious hosts by submitting
requests with a fake HTTP ``Host`` header, which is possible even under many
serve. This is a security measure to prevent :ref:`HTTP Host header attacks
<host-headers-virtual-hosting>`, which are possible even under many
seemingly-safe web server configurations.
Values in this list can be fully qualified names (e.g. ``'www.example.com'``),