diff --git a/django/http/utils.py b/django/http/utils.py index 90155cd2ed..5dcac06dcf 100644 --- a/django/http/utils.py +++ b/django/http/utils.py @@ -17,7 +17,7 @@ def fix_location_header(request, response): Code constructing response objects is free to insert relative paths, as this function converts them to absolute paths. """ - if 'Location' in response and request.get_host(): + if 'Location' in response: response['Location'] = request.build_absolute_uri(response['Location']) return response diff --git a/tests/http_utils/tests.py b/tests/http_utils/tests.py index 9105e64ee4..3225bfebf1 100644 --- a/tests/http_utils/tests.py +++ b/tests/http_utils/tests.py @@ -3,8 +3,8 @@ from __future__ import unicode_literals import io import gzip -from django.http import HttpRequest, HttpResponse, StreamingHttpResponse -from django.http.utils import conditional_content_removal +from django.http import HttpRequest, HttpResponse, HttpResponseRedirect, StreamingHttpResponse +from django.http.utils import conditional_content_removal, fix_location_header from django.test import TestCase @@ -69,3 +69,14 @@ class HttpUtilTests(TestCase): res = StreamingHttpResponse(['abc']) conditional_content_removal(req, res) self.assertEqual(b''.join(res), b'') + + def test_fix_location_without_get_host(self): + """ + Tests that you can return an absolute redirect when the request + host is not in ALLOWED_HOSTS. Issue #20472 + """ + request = HttpRequest() + def bomb(): + self.assertTrue(False) + request.get_host = bomb + fix_location_header(request, HttpResponseRedirect('http://example.com'))