1

I am hosting on GAE and want to be able to access different versions without promoting them. Currently, I get a 400 error: Invalid HTTP_HOST header: '1234568-dot-myapp.ey.r.appspot.com'. You may need to add '1234568-dot-myapp.ey.r.appspot.com' to ALLOWED_HOSTS.

How can I add the URL to ALLOWED_HOSTS, so that I can access any version of my app? Currently, my ALLOWED_HOSTS looks like this:

APPENGINE_URL = env("APPENGINE_URL", default=None)
if APPENGINE_URL:
    if not urlparse(APPENGINE_URL).scheme:
        APPENGINE_URL = f"https://{APPENGINE_URL}"

    ALLOWED_HOSTS = [urlparse(APPENGINE_URL).netloc,
                     'my-personal-domain.com']
    CSRF_TRUSTED_ORIGINS = [APPENGINE_URL,
                            'https://my-personal-domain.com']
    SECURE_SSL_REDIRECT = True
else:
    ALLOWED_HOSTS = ["*"]

From my understanding, wildcards only work for sub-domains. How can I add something like this to the allowed hosts? [version-number]-dot-myapp.ey.r.appspot.com

Thanks!

Basley
  • 79
  • 12
  • You could add `[".ey.r.appspot.com"]` which will match against any subdomain of `ey.r.appspot.com`. But this could not prevent HTTP Host header attacks from other apps hosted on the same platform. But maybe this is enough for protected test environments? – Marco Jun 03 '22 at 13:58
  • Not ideal, because the versions still use the same database, and I only need the versions to test that I have not made any critical error that would cause a 500 error for users. Right now if I push an update and forget to add a package to requirements, users get a 500 error, which I would like to verify first – Basley Jun 03 '22 at 15:16
  • Try adding your host server ip to the ALLOWED_HOST. You may refer to this [Stackoverflow case](https://stackoverflow.com/questions/57545934/you-may-need-to-add-u127-0-0-1-to-allowed-hosts). – Mousumi Roy Jun 06 '22 at 08:04

0 Answers0