From 4d2c4a9602aad4c647e44a0c073a8f0eded74189 Mon Sep 17 00:00:00 2001 From: ibuler Date: Tue, 25 Jul 2023 10:11:57 +0800 Subject: [PATCH] =?UTF-8?q?perf:=20=E4=BC=98=E5=8C=96=20domains=20?= =?UTF-8?q?=E8=8E=B7=E5=8F=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/jumpserver/settings/base.py | 35 ++++++++++++++++++++------------ 1 file changed, 22 insertions(+), 13 deletions(-) diff --git a/apps/jumpserver/settings/base.py b/apps/jumpserver/settings/base.py index ba8429c19..7498b1a33 100644 --- a/apps/jumpserver/settings/base.py +++ b/apps/jumpserver/settings/base.py @@ -67,32 +67,41 @@ SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') # LOG LEVEL LOG_LEVEL = CONFIG.LOG_LEVEL -DOMAINS = CONFIG.DOMAINS or CONFIG.SITE_URL +DOMAINS = CONFIG.DOMAINS or 'localhost' +if os.environ.get('SERVER_NAME'): + DOMAINS += ',{}'.format(os.environ.get('SERVER_NAME')) +if CONFIG.SITE_URL: + DOMAINS += ',{}'.format(CONFIG.SITE_URL) + ALLOWED_DOMAINS = DOMAINS.split(',') if DOMAINS else ['localhost:8080'] ALLOWED_DOMAINS = [host.strip() for host in ALLOWED_DOMAINS] ALLOWED_DOMAINS = [host.replace('http://', '').replace('https://', '') for host in ALLOWED_DOMAINS if host] ALLOWED_DOMAINS = [host.split('/')[0] for host in ALLOWED_DOMAINS if host] -DEBUG_HOSTS = ['127.0.0.1', 'localhost'] -DEBUG_PORT = ['8080', '80', '443', '4200', '9528'] +DEBUG_HOSTS = ('127.0.0.1', 'localhost') +DEBUG_PORT = ['8080', '80', ] if DEBUG: - DEBUG_HOST_PORTS = ['{}:{}'.format(host, port) for host in DEBUG_HOSTS for port in DEBUG_PORT] - ALLOWED_DOMAINS.extend(DEBUG_HOST_PORTS) + DEBUG_PORT.extend(['4200', '9528']) +DEBUG_HOST_PORTS = ['{}:{}'.format(host, port) for host in DEBUG_HOSTS for port in DEBUG_PORT] +ALLOWED_DOMAINS.extend(DEBUG_HOST_PORTS) ALLOWED_HOSTS = list(set(['.' + host.split(':')[0] for host in ALLOWED_DOMAINS])) -print("ALLOWED_HOSTS: ", ALLOWED_HOSTS) +print("ALLOWED_HOSTS: ", ) +for host in ALLOWED_HOSTS: + print(' - ' + host) # https://docs.djangoproject.com/en/4.1/ref/settings/#std-setting-CSRF_TRUSTED_ORIGINS CSRF_TRUSTED_ORIGINS = [] - -for host in ALLOWED_DOMAINS: - host = host.strip('.') - if host.startswith('http'): - CSRF_TRUSTED_ORIGINS.append(host) +for host_port in ALLOWED_DOMAINS: + origin = host_port.strip('.') + if origin.startswith('http'): + CSRF_TRUSTED_ORIGINS.append(origin) continue + is_local_origin = origin.split(':')[0] in DEBUG_HOSTS for schema in ['https', 'http']: - # CSRF_TRUSTED_ORIGINS.append('{}://{}'.format(schema, host)) - CSRF_TRUSTED_ORIGINS.append('{}://*.{}'.format(schema, host)) + if is_local_origin and schema == 'https': + continue + CSRF_TRUSTED_ORIGINS.append('{}://*.{}'.format(schema, origin)) print("CSRF_TRUSTED_ORIGINS: ") for origin in CSRF_TRUSTED_ORIGINS: