Resolution: Done
We currently set `ALLOWED_HOSTS=*`. This is a vulnerability regression, and the setting should be limited to only the hosts that should be served by Django:
https://docs.djangoproject.com/en/5.0/ref/settings/#allowed-hosts
This was originally changed to ensure that the liveness check would not fail, since the liveness check accesses the server using the IP address of the pod, which is random each time a pod is created:
https://github.com/openstack-k8s-operators/horizon-operator/commit/842186a5d26a96c1b78be8e7925ee6f9b74aa7de
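
One way to keep the liveness check working without the wildcard, as an added example that is not the horizon-operator's own code: build `ALLOWED_HOSTS` from the served hostnames plus the pod's own IP. The names `HORIZON_ALLOWED_HOSTS`, `POD_IP` and `build_allowed_hosts` are hypothetical; `POD_IP` is assumed to be injected into the container from the Kubernetes downward API field `status.podIP`.

```python
import ipaddress


def build_allowed_hosts(env):
    """Build an explicit Django ALLOWED_HOSTS list from an env-style mapping.

    HORIZON_ALLOWED_HOSTS (hypothetical): comma-separated hostnames to serve.
    POD_IP (hypothetical): this pod's IP, so probes that address the pod
    by IP still pass host validation.
    """
    hosts = []
    for entry in env.get("HORIZON_ALLOWED_HOSTS", "").split(","):
        entry = entry.strip().lower()
        if not entry:
            continue
        # "*" disables Django's Host header validation entirely; refuse it
        # (and malformed patterns such as "*.example.test") at startup.
        if "*" in entry:
            raise ValueError(f"wildcard not permitted in allowed hosts: {entry!r}")
        hosts.append(entry)

    pod_ip = env.get("POD_IP", "").strip()
    if pod_ip:
        addr = ipaddress.ip_address(pod_ip)  # raises ValueError if not an IP
        # Django expects IPv6 literals in bracketed form, e.g. "[::1]".
        hosts.append(f"[{addr}]" if addr.version == 6 else str(addr))

    if not hosts:
        # Fail closed instead of silently falling back to a permissive value.
        raise ValueError("no allowed hosts configured")

    # De-duplicate while preserving order.
    return list(dict.fromkeys(hosts))


# In settings.py this would be used as:
#   ALLOWED_HOSTS = build_allowed_hosts(os.environ)

if __name__ == "__main__":
    # Constructed sample environment, not taken from a real deployment.
    sample = {
        "HORIZON_ALLOWED_HOSTS": "horizon.example.test, Horizon.example.test",
        "POD_IP": "10.128.2.17",
    }
    print(build_allowed_hosts(sample))
```
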