Allowed host fix (#6682)

* Update ALLOWED_HOSTS - Simplify backup logic - Remove schema prefix * Fix typo
2024-08-30 18:33:04 +00:00 · 2024-03-13 09:06:47 +11:00 · 2024-03-13 09:06:47 +11:00 · 011f19cf61
commit 011f19cf61
parent e764833f1f
1 changed files with 14 additions and 9 deletions
--- a/InvenTree/InvenTree/settings.py
+++ b/InvenTree/InvenTree/settings.py
@ -998,19 +998,24 @@ ALLOWED_HOSTS = get_setting(
    typecast=list,
 )

-if DEBUG and not ALLOWED_HOSTS:
-    logger.warning(
-        'No ALLOWED_HOSTS specified. Defaulting to ["*"] for debug mode. This is not recommended for production use'
-    )
-    ALLOWED_HOSTS = ['*']
-
 if SITE_URL and SITE_URL not in ALLOWED_HOSTS:
    ALLOWED_HOSTS.append(SITE_URL)

 if not ALLOWED_HOSTS:
-    logger.error(
-        'No ALLOWED_HOSTS specified. Please provide a list of allowed hosts, or specify INVENTREE_SITE_URL'
-    )
+    if DEBUG:
+        logger.info(
+            'No ALLOWED_HOSTS specified. Defaulting to ["*"] for debug mode. This is not recommended for production use'
+        )
+        ALLOWED_HOSTS = ['*']
+    else:
+        logger.error(
+            'No ALLOWED_HOSTS specified. Please provide a list of allowed hosts, or specify INVENTREE_SITE_URL'
+        )
+
+# Ensure that the ALLOWED_HOSTS do not contain any scheme info
+for i, host in enumerate(ALLOWED_HOSTS):
+    if '://' in host:
+        ALLOWED_HOSTS[i] = host.split('://')[1]

 # List of trusted origins for unsafe requests
 # Ref: https://docs.djangoproject.com/en/4.2/ref/settings/#csrf-trusted-origins