From 8baeae6be92fa1696db6057bf896adb4c6d92104 Mon Sep 17 00:00:00 2001
From: Manuel Zaforas <mzaforas@gmail.com>
Date: Thu, 27 Jul 2017 15:13:22 +0200
Subject: [PATCH] Update settings.py

ALLOWED_HOSTS is also check when DEBUG=True after Django 1.10.3, 1.9.11, and 1.8.16 to prevent a DNS rebinding attack. https://docs.djangoproject.com/en/1.11/ref/settings/#allowed-hosts
---
 appengine/flexible/hello_world_django/project_name/settings.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/appengine/flexible/hello_world_django/project_name/settings.py b/appengine/flexible/hello_world_django/project_name/settings.py
index e96651fa8f7..584a7de069f 100644
--- a/appengine/flexible/hello_world_django/project_name/settings.py
+++ b/appengine/flexible/hello_world_django/project_name/settings.py
@@ -39,7 +39,7 @@
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
 
-ALLOWED_HOSTS = []
+ALLOWED_HOSTS = ['*']
 
 
 # Application definition