Permalink
Browse files

Split out port from host

The host header also gives out port with it, so it should be split out
of it. Since in a url, the string before the last colon (:) is the
host domain, we grab that one as host.

Signed-off-by: Rohan Jain <crodjer@gmail.com>
  • Loading branch information...
1 parent 97733ce commit e49531f94e1cf84e512a628f39782cd1a66b2e26 @crodjer committed Jul 8, 2012
Showing with 5 additions and 1 deletion.
  1. +5 −1 django/middleware/csrf.py
@@ -114,8 +114,12 @@ def process_view(self, request, callback, callback_args, callback_kwargs):
# branches that call reject().
return self._accept(request)
- # Note that host includes the port.
host = request.META.get('HTTP_HOST', '')
+ # Note that host includes the port, so we split that out.
+ # If the host has port specified (checked with ':') then, grab the
+ # host domain from the string before the last ':'.
+ host = host.split(':')[-2] if ':' in host else host
+
origin = request.META.get('HTTP_ORIGIN')
permitted_domains = getattr(settings, 'CSRF_PERMITTED_DOMAINS', [host])

0 comments on commit e49531f

Please sign in to comment.