Fixed #26094 -- Fixed CSRF behind a proxy (settings.USE_X_FORWARDED_PORT=True).

2025-10-28 08:06:09 +00:00 · 2016-01-18 15:04:41 +01:00
parent a1fba4e843
commit 2d28144c95
3 changed files with 21 additions and 1 deletions
--- a/django/middleware/csrf.py
+++ b/django/middleware/csrf.py
@@ -174,7 +174,7 @@ class CsrfViewMiddleware(object):
                    good_referer = request.get_host()
                else:
                    good_referer = settings.CSRF_COOKIE_DOMAIN
-                    server_port = request.META['SERVER_PORT']
+                    server_port = request.get_port()
                    if server_port not in ('443', '80'):
                        good_referer = '%s:%s' % (good_referer, server_port)