From d893d35c6f792b06888cdf990937e83f01eb14e5 Mon Sep 17 00:00:00 2001
From: Tom Hacohen
Date: Fri, 20 Nov 2020 18:11:35 +0200
Subject: [PATCH] Fix the host checks to only check against hostname.

Fixes https://github.com/etesync/etesync-web/issues/183 As discussed in #66 Continuation of 843b59a0ac1e2076a514b9c52fc5c6941b27dff0.
---
 django_etebase/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/django_etebase/views.py b/django_etebase/views.py
index 7dd7526..f3abcbc 100644
--- a/django_etebase/views.py
+++ b/django_etebase/views.py
@@ -708,7 +708,7 @@ class AuthenticationViewSet(viewsets.ViewSet):
 elif challenge_data["userId"] != user.id:
 content = {"code": "wrong_user", "detail": "This challenge is for the wrong user"}
 return Response(content, status=status.HTTP_400_BAD_REQUEST)
- elif not settings.DEBUG and host.split(":", 1)[0] != request.get_host():
+ elif not settings.DEBUG and host.split(':', 1)[0] != request.get_host().split(':', 1)[0]:
 detail = 'Found wrong host name. Got: "{}" expected: "{}"'.format(host, request.get_host())
 content = {"code": "wrong_host", "detail": detail}
 return Response(content, status=status.HTTP_400_BAD_REQUEST)
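Review bot: Splitting on the first `:` in the new `elif` condition breaks for bracketed IPv6 literals: `"[::1]:8000".split(':', 1)[0]` is `"["` on both sides, so any two IPv6-literal hosts compare equal and the `wrong_host` check stops binding the challenge response to this server. The comparison is also case-sensitive, so a client sending `Example.com` against `example.com` would be rejected even though the names are equivalent. Django's own parser handles brackets and lowercases the domain, so with `from django.http.request import split_domain_port` the condition could become `elif not settings.DEBUG and split_domain_port(host)[0] != split_domain_port(request.get_host())[0]:`. The enclosing method starts and ends outside the hunk, so `host` is presumably taken from the client-supplied challenge response; if so, a short comment such as `# compare hostnames only; ports may differ behind a reverse proxy` would record why the port is dropped.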