paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-14 10:57:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

settings: Stop enabling USE_X_FORWARDED_HOST by default.

Browse Source 
This was added in 1fded25025, and is not
necessary for standard Zulip installs.  While both Host: and
X-Forwarded-Host: are nominally untrusted, there is no reason to
complicate the deployment by defaulting it on.
This commit is contained in:
Alex Vandiver
2022-04-08 13:33:49 -07:00
parent 4b3f68382c
commit 40968fda49
1 changed files with 0 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
zproject/computed_settings.py
View File

@@ -152,8 +152,6 @@ USE_TZ = True
# this directory will be used to store logs for development environment # this directory will be used to store logs for development environment
DEVELOPMENT_LOG_DIRECTORY = os.path.join(DEPLOY_ROOT, "var", "log") DEVELOPMENT_LOG_DIRECTORY = os.path.join(DEPLOY_ROOT, "var", "log")
# Make redirects work properly behind a reverse proxy
USE_X_FORWARDED_HOST = True
# Extend ALLOWED_HOSTS with localhost (needed to RPC to Tornado), # Extend ALLOWED_HOSTS with localhost (needed to RPC to Tornado),
ALLOWED_HOSTS += ["127.0.0.1", "localhost"] ALLOWED_HOSTS += ["127.0.0.1", "localhost"]