middleware: improve condition to automatically determine a common domain (fixes #15548)
It works if: - HTTP Host is a domain name and not an IP address (IPv6 address will not pass this test, they lack dots), - domain contains at least three components.
This commit is contained in:
parent
cb3e18c8ba
commit
688067f270
|
@ -35,8 +35,12 @@ class PassiveAuthenticationMiddleware(object):
|
|||
# get the common domain or guess
|
||||
common_domain = app_settings.OPENED_SESSION_COOKIE_DOMAIN
|
||||
if not common_domain:
|
||||
host = request.get_host()
|
||||
# accept automatic common domain selection if domain has at least three components
|
||||
# and is not an IP address
|
||||
if not host.count('.') > 1 or host.replace('.', '').isdigit():
|
||||
return
|
||||
common_domain = request.get_host().split('.', 1)[1]
|
||||
assert '.' in common_domain # if domain is xxx.com explode !
|
||||
params = {
|
||||
'next': request.build_absolute_uri(),
|
||||
'passive': '',
|
||||
|
|
Loading…
Reference in New Issue