mirror of
https://git.yoctoproject.org/poky
synced 2026-02-05 16:28:43 +01:00
ae9b341ecf
This is a backport of 7c3a47ed89
>From the commit to master:
As of Django 1.8.16, Django is rejecting any HTTP_HOST header that is
not on the ALLOWED_HOST list. We often need to reference the toaster
server via a fqdn, if we start it via webport=0.0.0.0:8000 for instance,
and are hitting the server from a laptop. This change does reduce the
protection from a DNS rebinding attack, however, if you are running the
toaster server outside a protected network, you should be using the
production instance.
[YOCTO #10586]
(Bitbake rev: 449dc9b955dfbe048e380f5ab9fd61c3d1489dad)
Signed-off-by: brian avery <brian.avery@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>