From b39e6ff20e80e1ecfb2879a3a3e7a0aefd24b70e Mon Sep 17 00:00:00 2001 From: Muhammad Arslan Abdul Rauf Date: Mon, 15 Sep 2025 21:06:03 +0500 Subject: [PATCH 1/3] fix: make ALLOWED_HOSTS configurable through YAML --- cms/envs/production.py | 19 ++++++++++++++----- lms/envs/production.py | 19 +++++++++++++++---- 2 files changed, 29 insertions(+), 9 deletions(-) diff --git a/cms/envs/production.py b/cms/envs/production.py index f2d7ab88e4..09b203f6dd 100644 --- a/cms/envs/production.py +++ b/cms/envs/production.py @@ -89,6 +89,7 @@ with codecs.open(CONFIG_FILE, encoding='utf-8') as f: 'EVENT_BUS_PRODUCER_CONFIG', 'DEFAULT_FILE_STORAGE', 'STATICFILES_STORAGE', + 'ALLOWED_HOSTS', ] }) @@ -139,11 +140,19 @@ if STATIC_ROOT_BASE: DATA_DIR = path(DATA_DIR) -ALLOWED_HOSTS = [ - # TODO: bbeggs remove this before prod, temp fix to get load testing running - "*", - CMS_BASE, -] +# Configure ALLOWED_HOSTS based on YAML configuration +# If ALLOWED_HOSTS is explicitly set in YAML, use that; otherwise include "*" as fallback +if 'ALLOWED_HOSTS' in _YAML_TOKENS: + # User has explicitly configured ALLOWED_HOSTS in YAML + ALLOWED_HOSTS = _YAML_TOKENS['ALLOWED_HOSTS'] +else: + # Default behavior: include wildcard and CMS_BASE + ALLOWED_HOSTS = [ + "*", + ] + +if CMS_BASE and CMS_BASE not in ALLOWED_HOSTS: + ALLOWED_HOSTS.append(CMS_BASE) # Cache used for location mapping -- called many times with the same key/value # in a given request. diff --git a/lms/envs/production.py b/lms/envs/production.py index 0620d4f2c0..8f51250191 100644 --- a/lms/envs/production.py +++ b/lms/envs/production.py @@ -84,6 +84,7 @@ with codecs.open(CONFIG_FILE, encoding='utf-8') as f: 'EVENT_BUS_PRODUCER_CONFIG', 'DEFAULT_FILE_STORAGE', 'STATICFILES_STORAGE', + 'ALLOWED_HOSTS', ] }) 
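Review bot: The value taken from `_YAML_TOKENS['ALLOWED_HOSTS']` in the second cms hunk (and in the matching lms hunk that follows) is used without checking that it is a list. A YAML scalar such as a single hostname string would turn `CMS_BASE not in ALLOWED_HOSTS` into a substring test and then fail on `.append`. Copying and checking it first, for example `ALLOWED_HOSTS = list(_YAML_TOKENS['ALLOWED_HOSTS'])` behind an `isinstance(..., (list, tuple))` guard, would also stop the append from mutating the list held inside `_YAML_TOKENS`. Separately, the fallback branch still yields `["*"]`, which leaves Django's Host header validation off whenever the key is absent, and the removed TODO was the only line that said so. A comment on that branch stating that the wildcard is only acceptable behind a proxy that validates Host would keep the risk visible.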
@@ -141,10 +142,20 @@ SESSION_COOKIE_SAMESITE = DCS_SESSION_COOKIE_SAMESITE for feature, value in _YAML_TOKENS.get('FEATURES', {}).items(): FEATURES[feature] = value -ALLOWED_HOSTS = [ - "*", - _YAML_TOKENS.get('LMS_BASE'), -] +# Configure ALLOWED_HOSTS based on YAML configuration +# If ALLOWED_HOSTS is explicitly set in YAML, use that; otherwise include "*" as fallback +if 'ALLOWED_HOSTS' in _YAML_TOKENS: + # User has explicitly configured ALLOWED_HOSTS in YAML + ALLOWED_HOSTS = _YAML_TOKENS['ALLOWED_HOSTS'] +else: + # Default behavior: include wildcard and LMS_BASE + ALLOWED_HOSTS = [ + "*", + ] + +LMS_BASE = _YAML_TOKENS.get('LMS_BASE') +if LMS_BASE and LMS_BASE not in ALLOWED_HOSTS: + ALLOWED_HOSTS.append(LMS_BASE) # Cache used for location mapping -- called many times with the same key/value # in a given request. From 83dbf263d7d6bd881fb87577631059f6b7d0f601 Mon Sep 17 00:00:00 2001 From: Muhammad Arslan Abdul Rauf Date: Tue, 16 Sep 2025 23:31:01 +0500 Subject: [PATCH 2/3] refactor: move ALLOWED_HOSTS to openedx/envs/common --- cms/envs/production.py | 14 ++------------ lms/envs/production.py | 15 ++------------- 2 files changed, 4 insertions(+), 25 deletions(-) diff --git a/cms/envs/production.py b/cms/envs/production.py index 09b203f6dd..6e39cf02c0 100644 --- a/cms/envs/production.py +++ b/cms/envs/production.py 
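Review bot: The added `LMS_BASE = _YAML_TOKENS.get('LMS_BASE')` binds an upper-case module name, which Django treats as a setting, and binds it to `None` when the YAML file has no such key. The old code only read the token inline, so if a default for `LMS_BASE` is defined earlier in the settings chain (not visible in this hunk) this line would now replace it. A lower-case local keeps the lookup without touching the setting: `_lms_base = _YAML_TOKENS.get('LMS_BASE')` followed by `if _lms_base and _lms_base not in ALLOWED_HOSTS: ALLOWED_HOSTS.append(_lms_base)`. The cms hunk uses the existing `CMS_BASE` name directly and does not have this problem.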
@@ -140,19 +140,9 @@ if STATIC_ROOT_BASE: DATA_DIR = path(DATA_DIR) -# Configure ALLOWED_HOSTS based on YAML configuration -# If ALLOWED_HOSTS is explicitly set in YAML, use that; otherwise include "*" as fallback +# If ALLOWED_HOSTS is explicitly set in YAML, use it as the base; otherwise use default from common.py if 'ALLOWED_HOSTS' in _YAML_TOKENS: - # User has explicitly configured ALLOWED_HOSTS in YAML - ALLOWED_HOSTS = _YAML_TOKENS['ALLOWED_HOSTS'] -else: - # Default behavior: include wildcard and CMS_BASE - ALLOWED_HOSTS = [ - "*", - ] - -if CMS_BASE and CMS_BASE not in ALLOWED_HOSTS: - ALLOWED_HOSTS.append(CMS_BASE) + _BASE_ALLOWED_HOSTS = _YAML_TOKENS['ALLOWED_HOSTS'] # Cache used for location mapping -- called many times with the same key/value # in a given request. diff --git a/lms/envs/production.py b/lms/envs/production.py index 8f51250191..7e48a3c682 100644 --- a/lms/envs/production.py +++ b/lms/envs/production.py @@ -142,20 +142,9 @@ SESSION_COOKIE_SAMESITE = DCS_SESSION_COOKIE_SAMESITE for feature, value in _YAML_TOKENS.get('FEATURES', {}).items(): FEATURES[feature] = value -# Configure ALLOWED_HOSTS based on YAML configuration -# If ALLOWED_HOSTS is explicitly set in YAML, use that; otherwise include "*" as fallback +# If ALLOWED_HOSTS is explicitly set in YAML, use it as the base; otherwise use default from common.py if 'ALLOWED_HOSTS' in _YAML_TOKENS: - # User has explicitly configured ALLOWED_HOSTS in YAML - ALLOWED_HOSTS = _YAML_TOKENS['ALLOWED_HOSTS'] -else: - # Default behavior: include wildcard and LMS_BASE - ALLOWED_HOSTS = [ - "*", - ] - -LMS_BASE = _YAML_TOKENS.get('LMS_BASE') -if LMS_BASE and LMS_BASE not in ALLOWED_HOSTS: - ALLOWED_HOSTS.append(LMS_BASE) + _BASE_ALLOWED_HOSTS = _YAML_TOKENS['ALLOWED_HOSTS'] # Cache used for location mapping -- called many times with the same key/value # in a given request. From 245c76fc1bbf3bf30df537ebdc839ed71ff0a736 Mon Sep 17 00:00:00 2001 
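Review bot: Nothing in this commit reads `_BASE_ALLOWED_HOSTS`, and the lines that assigned `ALLOWED_HOSTS` are removed in both the cms hunk and the lms hunk after it, so as far as these hunks show a host list supplied in YAML is no longer applied to the setting. The subject says the logic moves to openedx/envs/common, but the diffstat lists only the two production.py files. If `'ALLOWED_HOSTS'` is still in the key list extended by the previous patch, the effective value would be whatever default is defined elsewhere, and the operator's restriction would be dropped without any error. Either assign it directly here, `ALLOWED_HOSTS = list(_YAML_TOKENS['ALLOWED_HOSTS'])`, or include the common.py consumer in this same commit so that each commit in the series is safe to deploy on its own.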
From: Muhammad Arslan Abdul Rauf Date: Mon, 22 Sep 2025 16:38:05 +0500 Subject: [PATCH 3/3] fix: add '*' wild card in common ALLOWED_HOSTS --- cms/envs/production.py | 5 ----- lms/envs/production.py | 5 ----- openedx/envs/common.py | 4 ++++ 3 files changed, 4 insertions(+), 10 deletions(-) diff --git a/cms/envs/production.py b/cms/envs/production.py index 6e39cf02c0..c6a0f090f3 100644 --- a/cms/envs/production.py +++ b/cms/envs/production.py @@ -89,7 +89,6 @@ with codecs.open(CONFIG_FILE, encoding='utf-8') as f: 'EVENT_BUS_PRODUCER_CONFIG', 'DEFAULT_FILE_STORAGE', 'STATICFILES_STORAGE', - 'ALLOWED_HOSTS', ] }) @@ -140,10 +139,6 @@ if STATIC_ROOT_BASE: DATA_DIR = path(DATA_DIR) -# If ALLOWED_HOSTS is explicitly set in YAML, use it as the base; otherwise use default from common.py -if 'ALLOWED_HOSTS' in _YAML_TOKENS: - _BASE_ALLOWED_HOSTS = _YAML_TOKENS['ALLOWED_HOSTS'] - # Cache used for location mapping -- called many times with the same key/value # in a given request. if 'loc_cache' not in CACHES: diff --git a/lms/envs/production.py b/lms/envs/production.py index 7e48a3c682..aeccaf0c0f 100644 --- a/lms/envs/production.py +++ b/lms/envs/production.py @@ -84,7 +84,6 @@ with codecs.open(CONFIG_FILE, encoding='utf-8') as f: 'EVENT_BUS_PRODUCER_CONFIG', 'DEFAULT_FILE_STORAGE', 'STATICFILES_STORAGE', - 'ALLOWED_HOSTS', ] }) @@ -142,10 +141,6 @@ SESSION_COOKIE_SAMESITE = DCS_SESSION_COOKIE_SAMESITE for feature, value in _YAML_TOKENS.get('FEATURES', {}).items(): FEATURES[feature] = value -# If ALLOWED_HOSTS is explicitly set in YAML, use it as the base; otherwise use default from common.py -if 'ALLOWED_HOSTS' in _YAML_TOKENS: - _BASE_ALLOWED_HOSTS = _YAML_TOKENS['ALLOWED_HOSTS'] - # Cache used for location mapping -- called many times with the same key/value # in a given request. if 'loc_cache' not in CACHES: diff --git a/openedx/envs/common.py b/openedx/envs/common.py index 18fa201382..e9033a1759 100644 --- a/openedx/envs/common.py +++ b/openedx/envs/common.py 
@@ -2258,6 +2258,10 @@ AI_TRANSLATIONS_API_URL = 'http://localhost:18760/api/v1' def should_send_learning_badge_events(settings): return settings.BADGES_ENABLED +############################## ALLOWED_HOSTS ############################### + +ALLOWED_HOSTS = ['*'] + ############################## Miscellaneous ############################### COURSE_MODE_DEFAULTS = {
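Review bot: The new `ALLOWED_HOSTS = ['*']` default has no comment explaining that the wildcard makes Django accept any Host header, so every environment that inherits common.py without an override runs with host validation off. I would put a comment directly above it, such as `# '*' disables Django's Host header validation; production deployments should override ALLOWED_HOSTS with their real hostnames.` While the wildcard is in place, code that builds absolute URLs from the request host relies on the fronting proxy or load balancer to reject unknown hosts, and that dependency is worth stating in the same comment or in the deployment docs.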