MCPcopy
hub / github.com/pallets/werkzeug / get_host

Function get_host

src/werkzeug/sansio/utils.py:79–156  ·  view source on GitHub ↗

Get and validate a request's ``host:port`` based on the given values. The ``Host`` header sent by the client is preferred. Otherwise, the server's configured address is used. The port is omitted if it matches the standard HTTP or HTTPS ports. The value is passed through :func:`host

(
    scheme: str,
    host_header: str | None,
    server: tuple[str, int | None] | None = None,
    trusted_hosts: t.Collection[str] | None = None,
)

Source from the content-addressed store, hash-verified

77
78
79def get_host(
80 scheme: str,
81 host_header: str | None,
82 server: tuple[str, int | None] | None = None,
83 trusted_hosts: t.Collection[str] | None = None,
84) -> str:
85 """Get and validate a request's ``host:port`` based on the given values.
86
87 The ``Host`` header sent by the client is preferred. Otherwise, the server's
88 configured address is used. The port is omitted if it matches the standard
89 HTTP or HTTPS ports.
90
91 The value is passed through :func:`host_is_trusted`. The host must be made
92 up of valid characters, but this does not check validity beyond that. If a
93 list of trusted domains is given, the domain must match one.
94
95 If the host header is not available, such as for HTTP/0.9 and 1.0, or it has
96 invalid characters, the empty string is returned. Subdomain and host
97 routing, and external URL building, will not work in these cases.
98
99 :param scheme: The protocol of the request. Used to omit the standard ports
100 80 and 443.
101 :param host_header: The ``Host`` header value.
102 :param server: The server's configured address ``(host, port)``. The server
103 may be using a Unix socket and give ``(path, None)``; this is ignored as
104 it would not produce a useful host value.
105 :param trusted_hosts: A list of trusted domains to match. These should
106 already be IDNA encoded, but will be encoded if needed. The port is
107 ignored for this check. If a name starts with a dot it will match as a
108 suffix, accepting all subdomains. If empty or ``None``, all domains are
109 allowed.
110
111 :return: Host, with port if necessary.
112 :raise .SecurityError: If the host is not trusted.
113
114 .. versionchanged:: 3.1.8
115 The empty string is again returned if no host header value is available,
116 or if the characters are invalid.
117
118 .. versionchanged:: 3.1.7
119 The characters of the host value are validated. The empty string is no
120 longer allowed if no header value is available.
121
122 .. versionchanged:: 3.2
123 When using the server address, Unix sockets are ignored.
124
125 .. versionchanged:: 3.1.3
126 If ``SERVER_NAME`` is IPv6, it is wrapped in ``[]``.
127 """
128 if host_header is not None:
129 host = host_header
130 # The port server[1] will be None for a Unix socket. Ignore in that case.
131 elif server is not None and server[1] is not None:
132 host = server[0]
133
134 # If SERVER_NAME is IPv6, wrap it in [] to match Host header.
135 # Check for : because domain or IPv4 can't have that.
136 if ":" in host and host[0] != "[":

Callers 6

test_get_hostFunction · 0.90
test_get_host_unixFunction · 0.90
test_get_host_missingFunction · 0.90
test_get_host_invalidFunction · 0.90
hostMethod · 0.70
bind_to_environMethod · 0.50

Calls 2

host_is_trustedFunction · 0.85
SecurityErrorClass · 0.85

Tested by 4

test_get_hostFunction · 0.72
test_get_host_unixFunction · 0.72
test_get_host_missingFunction · 0.72
test_get_host_invalidFunction · 0.72