Guido Günther wrote: > Isn't this also affected by a rebinding attack since we allow any host > in debug mode? If it helps, speaking as a regular Django developer, if you've got ``settings.DEBUG`` enabled in production you have much bigger problems than a rebinding attack… Regards, -- ,''`. : :' : Chris Lamb `. `'` lamby@debian.org / chris-lamb.co.uk `-