2013/11/29 Joseph Mutumi <jjmutumi@gmail.com>
That could work but isn't it a bit insecure? I think it will be susceptible to a header injection(http://en.wikipedia.org/wiki/HTTP_header_injection). I would rather create a setting with the domain name in settings.py and then call it from the template or write a custom template tag.
Check Django's ALLOWED_HOSTS [1] setting, it is supposed to account for this, and Django 1.5+ requires you to explicitly set it in order to run a site with DEBUG=False
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAP5dYfP%2BJgrDnnN_aCNRwdaO8bQbkRB36eUQJef8g4T5BRj_Cg%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.
No comments:
Post a Comment