@@ -50,52 +50,43 @@ def _validate_host(self, host: str | None) -> bool: # pragma: no cover
5050 print (host )
5151 if host in self .settings .allowed_hosts :
5252 return True
53-
54- for allowed in self .settings .allowed_hosts :
5553
54+ for allowed in self .settings .allowed_hosts :
5655 # normalize incoming host
57- host_without_https = (
58- host .replace ("https://" , "" )
59- .replace ("http://" , "" )
60- .split ("/" )[0 ]
61- .strip ()
62- )
63-
56+ host_without_https = host .replace ("https://" , "" ).replace ("http://" , "" ).split ("/" )[0 ].strip ()
57+
6458 # split request host + port
6559 if ":" in host_without_https :
6660 request_host , request_port = host_without_https .split (":" , 1 )
6761 else :
6862 request_host = host_without_https
6963 request_port = None
70-
64+
7165 # ---------- CASE 1: wildcard port (example.com:*) ----------
7266 if allowed .endswith (":*" ):
7367 base_host = allowed [:- 2 ]
7468 print (base_host )
75-
69+
7670 if request_host == base_host :
7771 return True
78-
72+
7973 # ---------- CASE 2: specific port (example.com:443) ----------
8074 elif ":" in allowed :
8175 allowed_host , allowed_port = allowed .split (":" , 1 )
82-
83- if (
84- request_host == allowed_host
85- and request_port == allowed_port
86- ):
76+
77+ if request_host == allowed_host and request_port == allowed_port :
8778 return True
88-
79+
8980 # ---------- CASE 3: host only (allow any port) ----------
9081 else :
9182 if request_host == allowed :
9283 return True
93-
84+
9485 logger .warning (f"Invalid Host header: { host } " )
9586 return False
96-
87+
9788 logger .warning (f"Invalid Host header: { host } " )
98- return False
89+ return False
9990
10091 def _validate_origin (self , origin : str | None ) -> bool : # pragma: no cover
10192 """Validate the Origin header against allowed values."""
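Review bot: The normalisation on new line 56 makes the Host check more permissive than the allow-list suggests: `replace("https://", "")` and `replace("http://", "")` delete those substrings wherever they occur and `.split("/")[0]` discards everything after a slash, so the value compared with `allowed_hosts` is not the value the client sent. A Host header does not legitimately carry a scheme or a path, so for an allow-list check it is safer to reject such input before the loop, e.g. `if "://" in host or "/" in host: return False`, and compare the stripped header as received; the expression is also loop-invariant and belongs above the `for`. Separately, the hunk shows two `logger.warning(...)`/`return False` pairs (new lines 85–86 and 88–89); indentation is lost in this rendering, but if the first pair sits inside the loop body the function returns after testing only the first allowed entry. The two `print(...)` calls (new lines 50 and 68) write a client-controlled header to stdout and look like leftover debugging. The function starts above the hunk, so a `None` check on `host` may already exist there.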