get_self_url_host can generate broken hostnames

Question

get_self_url_host can generate broken hostnames

lvanderree opened this issue a year ago · 1 comments

When running a (Django) application in a (docker) container, chances are there that you are exposing your application on a different port than the application is running.

in that case current_host includes the port from the request (exposed via the container), while port_suffix is the internally known port (from the app). In that case you can get for example "saml_sp_host:1080:8000"

this is the result of:

onelogin/saml2/utils.py:267

            if not current_host.endswith(port_suffix):
                if not ((protocol == 'https' and port_suffix == ':443') or (protocol == 'http' and port_suffix == ':80')):
                    current_host += port_suffix

maybe it is better to explode on : in the current_host, instead of checking the end of the string

Answer 1 · 2023-05-15T10:17:56.000Z

@lvanderree Do you have a PR?