From 6f6e57a0c78af108e1d26e6ed2eb4c6818e25fc1 Mon Sep 17 00:00:00 2001
From: Jake Howard
Date: Wed, 16 Nov 2022 14:20:21 +0000
Subject: [PATCH] Add enforce host

---
 requirements.txt | 1 +
 website/settings.py | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/requirements.txt b/requirements.txt
index c5d6c16..ef9b846 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -28,6 +28,7 @@ django3-cache-decorator==0.5.2
 django-cors-headers==3.13.0
 django-csp==3.7
 django-permissions-policy==4.13.0
+django-enforce-host==1.1.0

 # DRF OpenAPI dependencies
 uritemplate
diff --git a/website/settings.py b/website/settings.py
index 6adcea2..84967d0 100644
--- a/website/settings.py
+++ b/website/settings.py
@@ -94,6 +94,7 @@ MIDDLEWARE = [
 "django.middleware.security.SecurityMiddleware",
 "django.middleware.clickjacking.XFrameOptionsMiddleware",
 "corsheaders.middleware.CorsMiddleware",
+ "enforce_host.EnforceHostMiddleware",
 "whitenoise.middleware.WhiteNoiseMiddleware",
 "django.middleware.common.CommonMiddleware",
 "django.contrib.sessions.middleware.SessionMiddleware",
@@ -421,6 +422,9 @@ if not DEBUG:
 CSP_BLOCK_ALL_MIXED_CONTENT = True
 CSP_UPGRADE_INSECURE_REQUESTS = True

+ if not TEST:
+ ENFORCE_HOST = BASE_HOSTNAME
+
 if sentry_dsn := env("SENTRY_DSN"):
 import sentry_sdk
 from sentry_sdk.integrations.django import DjangoIntegration
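Review bot: In the MIDDLEWARE hunk of website/settings.py, `"enforce_host.EnforceHostMiddleware"` is placed after SecurityMiddleware, XFrameOptionsMiddleware and CorsMiddleware, so those three handle the request before the host is canonicalised. If SECURE_SSL_REDIRECT is enabled (not visible here), SecurityMiddleware would build its HTTPS redirect from the original Host and the client would take two redirects instead of one; CORS handling likewise sees the non-canonical host first. Unless this position is deliberate, consider moving the entry to the top of the list, or record the reason with a comment such as `# Kept below CorsMiddleware because <reason>`. The MIDDLEWARE list starts and ends outside the hunk.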
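Review bot: In the `if not DEBUG:` hunk, `ENFORCE_HOST = BASE_HOSTNAME` should not be read as a substitute for a tight ALLOWED_HOSTS: the middleware presumably reads the host through `request.get_host()`, so it only redirects requests whose Host header Django has already accepted. Neither ALLOWED_HOSTS nor BASE_HOSTNAME is defined in this hunk, so confirm that ALLOWED_HOSTS lists only the hostnames that are meant to be redirected and that BASE_HOSTNAME is a bare hostname without scheme or port. The middleware is installed unconditionally while the setting exists only when neither DEBUG nor TEST is set; a comment such as `# Redirect any other allowed host to the canonical one; left unset in DEBUG/TEST, where the middleware is expected to do nothing` would document that reliance. The `if not DEBUG:` block begins outside the hunk.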