ref(controller): remove redundant ALLOWED_HOSTS setting

mboersma · mboersma · commit 2c30e5f3f698 · 2014-12-29T16:20:15.000-07:00
diff --git a/controller/deis/settings.py b/controller/deis/settings.py
@@ -20,9 +20,9 @@
 
 CONN_MAX_AGE = 60 * 3
 
-# Hosts/domain names that are valid for this site; required if DEBUG is False
-# See https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts
-ALLOWED_HOSTS = ['localhost']
+# SECURITY: change this to allowed fqdn's to prevent host poisioning attacks
+# https://docs.djangoproject.com/en/1.6/ref/settings/#allowed-hosts
+ALLOWED_HOSTS = ['*']
 
 # Local time zone for this installation. Choices can be found here:
 # http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
@@ -304,10 +304,6 @@
 
 APP_URL_REGEX = '[a-z0-9-]+'
 
-# SECURITY: change this to allowed fqdn's to prevent host poisioning attacks
-# see https://docs.djangoproject.com/en/1.5/ref/settings/#std:setting-ALLOWED_HOSTS
-ALLOWED_HOSTS = ['*']
-
 # Honor HTTPS from a trusted proxy
 # see https://docs.djangoproject.com/en/1.6/ref/settings/#secure-proxy-ssl-header
 SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
