在django的settings中. 将DEBUG 设置为False. 会出现

#python manage.py runserver 8888
CommandError: You must set settings.ALLOWED_HOSTS if DEBUG is False.

#####################################################

提示DEBUG为False时,必须设置settings.ALLOWED_HOSTS .

ALLOWED_HOSTS = [

    '.example.com',  # Allow domain and subdomains

    '.example.com.',  # Also allow FQDN and subdomains

]
或者您需要设置所有的均可访问.那么可以这样设置.

ALLOWED_HOSTS = ['*']

任何用户均可以访问.
然后再访问下.恢复正常.

相关django官方文档.
https://docs.djangoproject.com/en/1.7/ref/settings/
在此引用一下.
ALLOWED_HOSTS¶

Default: [] (Empty list)

A list of strings representing the host/domain names that this Django site can serve. This is a security measure to prevent an attacker from poisoning caches and password reset emails with links to malicious hosts by submitting requests with a fake HTTP Host header, which is possible even under many seemingly-safe web server configurations.

Values in this list can be fully qualified names (e.g. 'www.example.com'), in which case they will be matched against the request’s Host header exactly (case-insensitive, not including port). A value beginning with a period can be used as a subdomain wildcard: '.example.com' will match example.com, www.example.com, and any other subdomain of example.com. A value of '*' will match anything; in this case you are responsible to provide your own validation of the Host header (perhaps in a middleware; if so this middleware must be listed first in MIDDLEWARE_CLASSES).

Changed in Django 1.7:

In previous versions of Django, if you wanted to also allow the fully qualified domain name (FQDN), which some browsers can send in the Host header, you had to explicitly add another ALLOWED_HOSTS entry that included a trailing period. This entry could also be a subdomain wildcard:

ALLOWED_HOSTS = [

    '.example.com',  # Allow domain and subdomains

    '.example.com.',  # Also allow FQDN and subdomains

]



In Django 1.7, the trailing dot is stripped when performing host validation, thus an entry with a trailing dot isn’t required.

If the Host header (or X-Forwarded-Host if USE_X_FORWARDED_HOST is enabled) does not match any value in this list, the django.http.HttpRequest.get_host() method will raise SuspiciousOperation.

When DEBUG is True or when running tests, host validation is disabled; any host will be accepted. Thus it’s usually only necessary to set it in production.

This validation only applies via get_host(); if your code accesses the Host header directly from request.META you are bypassing this security protection.


												


											
django DEBUG=False的更多相关文章
	

    
								
  1. Python django 404页面配置和debug=false 静态文件配置 django版本1.10.5
		
    django设置404页面 1.设置settings文件 DEBUG = False ALLOWED_HOSTS = ['127.0.0.1', 'localhost']或者 ALLOWED_HOST ...
    
		
    2. 
						
  2. 配置Django框架为生产环境的注意事项(DEBUG=False)
		
    问题描述: Django1.10版本中框架中settings.py配置文件 配置文件settings.py配置了下面两项: DEBUG= False ALLOWED_HOSTS = ['*'] #这样 ...
    
		
    3. 
						
  3. Django设置 DEBUG=False后静态文件无法加载
		
    修改setting.py STATIC_URL = '/static/' STATIC_ROOT = 'static' ## 新增行 STATICFILES_DIRS = [ os.path.join ...
    
		
    4. 
						
  4. Django设置 DEBUG=False后静态文件无法加载解决
		
    前段时间调试一直是在Debug=True先运行的,没有什么问题.今天关闭了Debug后,出现了一个问题.就是静态文件找不到了,「img.css.js」都提示404,无法准确的访问 static 静态文 ...
    
		
    5. 
						
  5. Django settings.py设置 DEBUG=False后静态文件无法加载解决
		
    解决办法: settings.py 文件 DEBUG = False STATIC_ROOT = os.path.join(BASE_DIR,'static') #新增 urls.py文件(项目的)  ...
    
		
    6. 
						
  6. django 注册后台管理 在debug=true能行,在debug=false不能显示出管理标签
		
    debug=true 下,如下图:
    
		
    7. 
						
  7. 部署前准备--使用Mysql之Django Debug Toolbar安装以及配置
		
    python -c "import django ;print(django.__path__);" 查看python的全局配置 vi /usr/local/lib/python3 ...
    
		
    8. 
						
  8. Django之Django debug toolbar调试工具
		
    一.安装Django debug toolbar调试工具 pip3 install django-debug-toolbar 如果出错命令为 pip install django_debug_tool ...
    
		
    9. 
						
  9. 【Django】Django Debug Toolbar调试工具配置
		
    正在发愁怎么调试Django,就遇到了Django Debug Toolbar这个利器. 先说遇到的问题: 网上也有教程,不过五花八门的,挨个尝试了一遍,也没有成功运行.最后终于找到问题所在: 从开发 ...
    
		
    10. 
		

	


随机推荐
	

    
									
  1. C 中的typedef应用
			
    1. typedef  声明的新的类型名在变量名的位置出现. example: typedef unsigned int UINT 则 unsigned int a; 相当于 UINT A; 2. t ...
    
			
    2. 
						
  2. React开发调试工具--react-developer-tools
			
    1. 首先,下载react-developer-tools开发调试工具插件. 因为谷歌插件下载需要FQ,这里提供一个本地资源:https://www.crx4chrome.com/crx/3068/  ...
    
			
    3. 
						
  3. Python+Appium自动化环境搭建
			
    appium工作原理 appium 在android端工作流 client端也就是我们 test script是我们的webdriver测试脚本. 中间是起的Appium的服务,Appium在服务端起 ...
    
			
    4. 
						
  4. javascript sourcemap
			
    [javascript sourcemap] 暂时只有Chrome浏览器支持这个功能.在Developer Tools的Setting设置中,确认选中"Enable JavaScript s ...
    
			
    5. 
						
  5. Jenkins 传递自定义的参数
			
    1.同一个job之间,不同的shell之间传递参数 注意:如果是job参数化构建自定义的参数,可以在job的不同shellj间引用,但是不能改变他的值供后面的shell使用   job在执行时会针对所 ...
    
			
    6. 
						
  6. ucore-lab1-练习1report
			
    练习1 report 问题1:OS镜像文件ucore.img是如何一步一步生成的(需要比较详细地解释Makefile中的每一条相关命令和命令参数的含义,以及说明命令导致的结果)? GNU make是一 ...
    
			
    7. 
						
  7. nexus(Maven仓库私服)的安装、配置、使用和仓库迁移
			
    简介 Nexus下载:点击进入 Nexus 是Maven仓库管理器,如果你使用Maven,你可以从Maven中央仓库 下载所需要的构件(artifact),但这通常不是一个好的做法,你应该在本地架设一 ...
    
			
    8. 
						
  8. Selenium 定位元素原理,基本API,显示等待,隐式等待,重试机制等等
			
    Selenium  如何定位动态元素: 测试的时候会遇到元素每次变动的情况,例如: <div id="btn-attention_2030295">...</di ...
    
			
    9. 
						
  9. java编程 求和
			
    用java编程,实现字符串强制类型转化成整数型,用到Integer.parseInt(),可以把字符串强制转换成整数 结果截图
    
			
    10. 
						
  10. bootstrap-table 使用遇到的问题总结
			
    问题一:右上角button样式自定义 方法: //修改bootstrap-table右上角按钮样式 $(".table-box .columns-right button").re ...
    
			
    11.