我承认这是一个非常古老的问题,但我使用了一个我认为更好的解决方案,并且不会通过设置ALLOWED_HOSTS = ['*'].
这是我写的一个Middleware类,感觉可以随意重用。
它继承自CommonMiddleware并且应该使用它而不是CommonMiddleware在MIDDLEWARE_CLASSES.settings.py
from django.middleware.common import CommonMiddleware
from django.conf import settings
from django.http.response import HttpResponse
from django.utils import importlib
class CommonWithAllowedHeartbeatMiddleWare(CommonMiddleware):
"""
A middleware class to take care of LoadBalancers whose HOST headers might change dynamically
but are supposed to only access a specific path that returns a 200-OK status.
This middleware allows these requests to the "heartbeat" path to bypass the ALLOWED_HOSTS mechanism check
without jeopardizing the rest of the framework.
(for more details on ALLOWED_HOSTS setting, see: https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts )
settings.HEARTBEAT_PATH (default: "/heartbeat/"):
This will be the path that is cleared and bypasses the common middleware's ALLOWED_HOSTS check.
settings.HEARTBEAT_METHOD (default: None):
The full path to the method that should be called that checks the status.
This setting allows you to hook a method that will be called that can perform any kind of health checks and return the result.
If no method is specified a simple HttpResponse("OK", status_code=200) will be returned.
The method should expect the HttpRequest object of this request and return either True, False or a HttpResponse object.
- True: middleware will return HttpResponse("OK")
- False: middleware will return HttpResponse("Unhealthy", status_code=503) [status 503 - "Service Unavailable"]
- HttpResponse: middleware will just return the HttpResponse object it got back.
IMPORTANT NOTE:
The method being called and any method it calls, cannot call HttpRequest.get_host().
If they do, the ALLOWED_HOSTS mechanism will be called and SuspeciousOperation exception will be thrown.
"""
def process_request(self, request):
# Checking if the request is for the heartbeat path
if request.path == getattr(settings, "HEARTBEAT_PATH", "/heartbeat/"):
method_path = getattr(settings, "HEARTBEAT_METHOD", None)
# Checking if there is a method that should be called instead of the default HttpResponse
if method_path:
# Getting the module to import and method to call
last_sep = method_path.rfind(".")
module_name = method_path[:last_sep]
method = method_path[(last_sep+1):]
module = importlib.import_module(module_name)
# Calling the desired method
result = getattr(module, method)(request)
# If the result is alreay a HttpResponse object just return it
if isinstance(result, HttpResponse):
return result
# Otherwise, if the result is False, return a 503-response
elif not result:
return HttpResponse("Unhealthy", status_code=503)
# Just return OK
return HttpResponse("OK")
# If this is not a request to the specific heartbeat path, just let the common middleware do its magic
return CommonMiddleware.process_request(self, request)
当然我意识到这个机制完全绕过了CommonMiddleware,但是它只有在请求心跳路径时才会这样做,所以我觉得这是要付出一点代价的。
希望别人觉得它有用。