From ad2205e59616c90256afbb908ed95afaa2c24482 Mon Sep 17 00:00:00 2001 From: Tom Hacohen Date: Mon, 28 Dec 2020 10:57:40 +0200 Subject: [PATCH] Add trusted host middleware. --- etebase_fastapi/app.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/etebase_fastapi/app.py b/etebase_fastapi/app.py index 2bbfc2a..75cb099 100644 --- a/etebase_fastapi/app.py +++ b/etebase_fastapi/app.py @@ -1,7 +1,6 @@ import os from django.core.wsgi import get_wsgi_application -from fastapi.middleware.cors import CORSMiddleware os.environ.setdefault("DJANGO_SETTINGS_MODULE", "etebase_server.settings") application = get_wsgi_application() @@ -10,6 +9,8 @@ from django.conf import settings # Not at the top of the file because we first need to setup django from fastapi import FastAPI, Request +from fastapi.middleware.cors import CORSMiddleware +from fastapi.middleware.trustedhost import TrustedHostMiddleware from .exceptions import CustomHttpException from .authentication import authentication_router @@ -35,6 +36,7 @@ if settings.DEBUG: app.add_middleware( CORSMiddleware, allow_origin_regex="https?://.*", allow_credentials=True, allow_methods=["*"], allow_headers=["*"] ) +app.add_middleware(TrustedHostMiddleware, allowed_hosts=settings.ALLOWED_HOSTS) @app.exception_handler(CustomHttpException)