From c7b68a782f53cf177d659f0537a36923df95f3f0 Mon Sep 17 00:00:00 2001
From: Stephen Finucane <stephen@that.guru>
Date: Tue, 7 Feb 2017 21:47:16 +0000
Subject: [PATCH] settings: Wildcard 'ALLOWED_HOSTS' settings

Django 1.10.3, 1.9.11 and 1.8.16 changed default behavior for
ALLOWED_HOSTS to prevent DNS rebinding attacks [1]. Unfortunately this
also means we can't access the development Docker or Vagrant installs
by IP address. Sidestep the issue by wildcarding the 'ALLOWED_HOSTS'
setting for development, thus allowing connections from any IP.

[1] https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts

Signed-off-by: Stephen Finucane <stephen@that.guru>
Reviewed-by: Daniel Axtens <dja@axtens.net>
---
 patchwork/settings/dev.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/patchwork/settings/dev.py b/patchwork/settings/dev.py
index a084d6a1..ee5b203d 100644
--- a/patchwork/settings/dev.py
+++ b/patchwork/settings/dev.py
@@ -18,6 +18,9 @@ from .base import *  # noqa
 # https://docs.djangoproject.com/en/1.8/ref/settings/#core-settings
 #
 
+
+ALLOWED_HOSTS = ['*']
+
 SECRET_KEY = '00000000000000000000000000000000000000000000000000'  # noqa
 
 DEBUG = True
-- 
2.47.3