netutil.is_valid_ip uses getaddrinfo in AI_NUMERICHOST mode to parse IP addresses. This method accepts some surprising formats (e.g. "x.y" is parsed as x.(y >> 16).((y>>8)&0xff).(y&0xff), at least on mac and linux). It would be good to limit this to a more formal specification (e.g. the one in http://tools.ietf.org/html/rfc3986#section-3.2.2, which is cited in http://tools.ietf.org/html/draft-ietf-appsawg-http-forwarded-10#section-6.1).
x.(y >> 16).((y>>8)&0xff).(y&0xff)