How to get the domain name of my site within a Django template?

Question

How do I get the domain name of my current site from within a Django template? I've tried looking in the tag and filters but nothing there.

score 135 · Answer 1 · edited Feb 06 '17 at 22:34

135

If you want the actual HTTP Host header, see Daniel Roseman's comment on @Phsiao's answer. The other alternative is if you're using the contrib.sites framework, you can set a canonical domain name for a Site in the database (mapping the request domain to a settings file with the proper SITE_ID is something you have to do yourself via your webserver setup). In that case you're looking for:

from django.contrib.sites.models import Site

current_site = Site.objects.get_current()
current_site.domain

you'd have to put the current_site object into a template context yourself if you want to use it. If you're using it all over the place, you could package that up in a template context processor.

edited Feb 06 '17 at 22:34

Southpaw Hare

1,535
3
24
50

answered Sep 21 '09 at 15:04

Carl Meyer

122,012
20
106
116

3

To clarify for someone who has the same problems as I had: check that your `SITE_ID` setting is equal to the `id` attribute of the current site in Sites app (you can find the `id` in Sites admin panel). When you call `get_current`, Django takes your `SITE_ID` and returns the `Site` object with that id from the database. – Dennis Golomazov Jul 01 '13 at 09:12
1

None of these work for me. `print("get_current_site: ", get_current_site(request)) print("absolute uri: ", request.build_absolute_uri()) print("HTTP_HOST: ", request.META['HTTP_HOST']) get_current_site: localhost:8001 absolute uri: http://localhost:8001/... HTTP_HOST: localhost:8001` – May 11 '20 at 13:43

score 127 · Answer 2 · edited Mar 06 '17 at 16:55

127

I've discovered the {{ request.get_host }} method.

edited Mar 06 '17 at 16:55

eykanal

26,437
19
82
113

answered Nov 07 '13 at 09:03

danbruegge

2,104
3
20
27

14

Please note that this answer has the same issues of Daniel Roseman approach (it can be spoofed) but it is surely more complete when the host is reached through an HTTP proxy or load balancer since it takes in account of `HTTP_X_FORWARDED_HOST` HTTP header. – furins Jan 08 '14 at 19:02
4

Usage: "//{{ request.get_host }}/anything/else/you/want"... Be sure to fill in your ALLOWED_HOSTS setting (see https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts). – Seth Feb 19 '14 at 12:59
4

@Seth better to use `request.build_absolute_uri` (https://docs.djangoproject.com/en/dev/ref/request-response/#django.http.HttpRequest.build_absolute_uri) – MrKsn Nov 29 '17 at 12:29
i need to construct the host name for my application dynamically for that i didn't have to use a tenary statement to switch between strings for local development version and production that both needed to test a payment gateway integration system.. using request.get_host() in the view and adding add forward slashed to the returned string did the work – Brian Obot Jun 14 '22 at 14:04

score 91 · Accepted Answer · answered Sep 20 '09 at 14:35

91

I think what you want is to have access to the request context, see RequestContext.

answered Sep 20 '09 at 14:35

phsiao

1,557
10
7

if you mean request.url, you only get the path minus the domain – Sep 20 '09 at 14:39
175

`request.META['HTTP_HOST']` gives you the domain. In a template it would be `{{ request.META.HTTP_HOST }}`. – Daniel Roseman Sep 20 '09 at 14:42
37

Be careful with using request metadata. It's coming from a browser and can be spoofed. In general, you'll probably want to go with what's suggested below by @CarlMeyer. – Josh Jul 03 '12 at 15:30
2

For my purposes, this has no security hole. – Paul Draper Mar 15 '13 at 18:58
8

I guess, since Django 1.5 with the allowed hosts setting it's safe to use. https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts – Daniel Backman Sep 23 '13 at 15:13
9

Can someone elaborate on what the "security hole" is? If the user spoofs the `Host:` header and gets a response back with the spoofed domain somewhere on a page, how does that create a security hole? I don't see how that differs from a user taking the generated HTML and modifying himself before feeding it to his own browser. – user193130 May 16 '16 at 21:45
It doesn't work when using nginx. It will return 127.0.0.1:8000. Anyone have solution for this? – hoangquyy Nov 09 '20 at 09:31

panchicore · Answer 4 · 2013-03-13T15:59:31.883

70

Complementing Carl Meyer, you can make a context processor like this:

module.context_processors.py

from django.conf import settings

def site(request):
    return {'SITE_URL': settings.SITE_URL}

local settings.py

SITE_URL = 'http://google.com' # this will reduce the Sites framework db call.

settings.py

TEMPLATE_CONTEXT_PROCESSORS = (
    ...
    "module.context_processors.site",
    ....
 )

templates returning context instance the url site is {{ SITE_URL }}

you can write your own rutine if want to handle subdomains or SSL in the context processor.

edited Mar 13 '13 at 15:59

answered Jan 24 '12 at 03:05

panchicore

11,451
12
74
100

I tried this solution but if you have several subdomains for the same application it is not practical, i found very useful the answer by danbruegge – Jose Luis de la Rosa Mar 04 '17 at 11:41
1

in settings.py you must introduce your context processor in context_processors>OPTIONS>TEMPLATES – yas17 Jan 13 '20 at 22:19

score 34 · Answer 5 · answered Apr 28 '15 at 02:54

34

I know this question is old, but I stumbled upon it looking for a pythonic way to get current domain.

def myview(request):
    domain = request.build_absolute_uri('/')[:-1]
    # that will build the complete domain: http://foobar.com

answered Apr 28 '15 at 02:54

misterte

977
1
11
21

6

`build_absolute_uri` is documented [here](https://docs.djangoproject.com/en/stable/ref/request-response/#django.http.HttpRequest.build_absolute_uri). – Philipp Zedler Sep 10 '15 at 19:46

score 31 · Answer 6 · answered Mar 07 '15 at 07:34

31

Quick and simple, but not good for production:

(in a view)

    request.scheme               # http or https
    request.META['HTTP_HOST']    # example.com
    request.path                 # /some/content/1/

(in a template)

{{ request.scheme }} :// {{ request.META.HTTP_HOST }} {{ request.path }}

Be sure to use a RequestContext, which is the case if you're using render.

Don't trust request.META['HTTP_HOST'] in production: that info comes from the browser. Instead, use @CarlMeyer's answer

answered Mar 07 '15 at 07:34

Edward Newell

17,203
7
34
36

I am upvoting this answer but I received an error when trying to use `request.scheme`. Perhaps only available in newer versions of django. – Matt Cremeens Feb 10 '18 at 11:35
@MattCremeens `request.scheme` was added in Django 1.7. – S. Kirby Feb 19 '18 at 03:05
Not being good enough for production is too big of a caveat. – Teekin Dec 07 '20 at 18:52

S. Kirby · Answer 7 · 2021-01-12T21:25:03.983

{{ request.get_host }} should protect against HTTP Host header attacks when used together with the ALLOWED_HOSTS setting (added in Django 1.4.4).

Note that {{ request.META.HTTP_HOST }} does not have the same protection. See the docs:

ALLOWED_HOSTS

A list of strings representing the host/domain names that this Django site can serve. This is a security measure to prevent HTTP Host header attacks, which are possible even under many seemingly-safe web server configurations.

... If the Host header (or X-Forwarded-Host if USE_X_FORWARDED_HOST is enabled) does not match any value in this list, the django.http.HttpRequest.get_host() method will raise SuspiciousOperation.

... This validation only applies via get_host(); if your code accesses the Host header directly from request.META you are bypassing this security protection.

As for using the request in your template, the template-rendering function calls have changed in Django 1.8, so you no longer have to handle RequestContext directly.

Here's how to render a template for a view, using the shortcut function render():

from django.shortcuts import render

def my_view(request):
    ...
    return render(request, 'my_template.html', context)

Here's how to render a template for an email, which IMO is the more common case where you'd want the host value:

from django.template.loader import render_to_string

def my_view(request):
    ...
    email_body = render_to_string(
        'my_template.txt', context, request=request)

Here's an example of adding a full URL in an email template; request.scheme should get http or https depending on what you're using:

Thanks for registering! Here's your activation link:
{{ request.scheme }}://{{ request.get_host }}{% url 'registration_activate' activation_key %}

The link to Django 1.8 is dead... Would [this](https://docs.djangoproject.com/en/dev/ref/templates/api/#django-template-context-processors-request) be the equivalent now? — James Bellaby, Jan 11 '21 at 19:48
@JamesBellaby Ah, looks like the page I linked to only exists in older docs versions now. I'll update the link to [this](https://django.readthedocs.io/en/1.8.x/ref/templates/upgrading.html#django-template-loader). I guess this historical info isn't relevant to most readers today, but it does kind of clarify things against the other old answers here, so I'll keep it. — S. Kirby, Jan 12 '21 at 21:22
This was useful for me for an email template. With the condition `{% if request.get_host == "127.0.0.1:8000" %}` I could display **production** or **development** URL. Dunno if it's a regular way but it works well. — Abpostman1, Nov 23 '22 at 18:25

vdboor · Answer 8 · 2016-06-19T08:22:40.940

26

The variation of the context processor I use is:

from django.contrib.sites.shortcuts import get_current_site
from django.utils.functional import SimpleLazyObject


def site(request):
    return {
        'site': SimpleLazyObject(lambda: get_current_site(request)),
    }

The SimpleLazyObject wrapper makes sure the DB call only happens when the template actually uses the site object. This removes the query from the admin pages. It also caches the result.

and include it in the settings:

TEMPLATE_CONTEXT_PROCESSORS = (
    ...
    "module.context_processors.site",
    ....
)

In the template, you can use {{ site.domain }} to get the current domain name.

edit: to support protocol switching too, use:

def site(request):
    site = SimpleLazyObject(lambda: get_current_site(request))
    protocol = 'https' if request.is_secure() else 'http'

    return {
        'site': site,
        'site_root': SimpleLazyObject(lambda: "{0}://{1}".format(protocol, site.domain)),
    }

edited Jun 19 '16 at 08:22

answered Aug 16 '13 at 11:23

vdboor

21,914
12
83
96

You don't need to use `SimpleLazyObject` here, because the lambda wont be called if nothing accesses 'site' anyway. – monokrome Aug 07 '14 at 22:26
If you remove the `SimpleLazyObject`, each `RequestContext` will call `get_current_site()`, and therefore execute an SQL query. The wrapper makes sure the variable is only evaluated when it's actually used in the template. – vdboor Aug 14 '14 at 09:51
1

Since it's a function, the host string won't be processed unless it's used anyway. So, you can just assign a function to 'site_root' and you don't need SimpleLazyObject. Django will call the function when it's used. You've already created the necessary function with a lambda here anyway. – monokrome Aug 20 '14 at 17:42
Ah yes, only a lambda would work. The `SimpleLazyObject` is there to avoid reevaluation of the function, which isn't really needed since the `Site` object is cached. – vdboor Aug 27 '14 at 09:25
The import is now `from django.contrib.sites.shortcuts import get_current_site` – Hraban Jun 14 '16 at 05:15

score 10 · Answer 9 · answered Oct 10 '14 at 11:48

10

I use a custom template tag. Add to e.g. <your_app>/templatetags/site.py:

# -*- coding: utf-8 -*-
from django import template
from django.contrib.sites.models import Site

register = template.Library()

@register.simple_tag
def current_domain():
    return 'http://%s' % Site.objects.get_current().domain

Use it in a template like this:

{% load site %}
{% current_domain %}

answered Oct 10 '14 at 11:48

Dennis Golomazov

16,269
5
73
81

Is there any particular downside to this approach? Apart from the call to the Site db on every request. – coolharsh55 May 04 '15 at 19:46
@kicker86 I don't know any. `get_current` is a documented method: https://docs.djangoproject.com/en/dev/ref/contrib/sites/#hooking-into-the-current-site-from-views – Dennis Golomazov May 13 '15 at 15:02
4

`'http://%s'` could be a problem in case of `https` connection; scheme is not dynamic in this case. – Damaged Organic Aug 05 '16 at 10:39

score 9 · Answer 10 · edited Oct 27 '20 at 20:25

If you use the "request" context processor, and are using the Django sites framework, and have the Site middleware installed (i.e. your settings include these):

INSTALLED_APPS = [
    ...
    "django.contrib.sites",
    ...
]

MIDDLEWARE = [
    ...
     "django.contrib.sites.middleware.CurrentSiteMiddleware",
    ...
]

... then you will have the request object available in templates, and it will contain a reference to the current Site for the request as request.site. You can then retrieve the domain in a template with:

    {{request.site.domain}}

and the site name with:

    {{request.site.name}}

Julián Landerreche · Answer 11 · 2020-04-22T21:56:23.997

Similar to user panchicore's reply, this is what I did on a very simple website. It provides a few variables and makes them available on the template.

SITE_URL would hold a value like example.com
SITE_PROTOCOL would hold a value like http or https
SITE_PROTOCOL_URL would hold a value like http://example.com or https://example.com
SITE_PROTOCOL_RELATIVE_URL would hold a value like //example.com.

module/context_processors.py

from django.conf import settings

def site(request):

    SITE_PROTOCOL_RELATIVE_URL = '//' + settings.SITE_URL

    SITE_PROTOCOL = 'http'
    if request.is_secure():
        SITE_PROTOCOL = 'https'

    SITE_PROTOCOL_URL = SITE_PROTOCOL + '://' + settings.SITE_URL

    return {
        'SITE_URL': settings.SITE_URL,
        'SITE_PROTOCOL': SITE_PROTOCOL,
        'SITE_PROTOCOL_URL': SITE_PROTOCOL_URL,
        'SITE_PROTOCOL_RELATIVE_URL': SITE_PROTOCOL_RELATIVE_URL
    }

settings.py

TEMPLATE_CONTEXT_PROCESSORS = (
    ...
    "module.context_processors.site",
    ....
 )

SITE_URL = 'example.com'

Then, on your templates, use them as {{ SITE_URL }}, {{ SITE_PROTOCOL }}, {{ SITE_PROTOCOL_URL }} and {{ SITE_PROTOCOL_RELATIVE_URL }}

score 6 · Answer 12 · edited Aug 12 '20 at 17:53

6

You can use request.build_absolute_uri()

By default, it will return a full path.

But if you pass in a parameter like this:

request.build_absolute_uri('/')

This would return the domain name.

edited Aug 12 '20 at 17:53

Kos

4,890
9
38
42

answered Aug 12 '20 at 16:30

Kyle.Ng

96
1
4

score 4 · Answer 13 · answered Apr 04 '19 at 20:26

4

In a Django template you can do:

<a href="{{ request.scheme }}://{{ request.META.HTTP_HOST }}{{ request.path }}?{{ request.GET.urlencode }}" >link</a>

answered Apr 04 '19 at 20:26

Dos

2,250
1
29
39

1

This worked for me thank you. I had to enable request in TEMPLATES, context_processors: `django.template.context_processors.request`, also [this how-to helped]( https://simpleisbetterthancomplex.com/tips/2016/07/20/django-tip-7-how-to-get-the-current-url-within-a-django-template.html) – ionescu77 Nov 25 '19 at 14:37
1

Agree, Vitor Freitas blog is a great source for Django developers! :) – Dos Nov 26 '19 at 15:49

score 1 · Answer 14 · answered Apr 04 '18 at 12:17

1

What about this approach? Works for me. It is also used in django-registration.

def get_request_root_url(self):
    scheme = 'https' if self.request.is_secure() else 'http'
    site = get_current_site(self.request)
    return '%s://%s' % (scheme, site)

answered Apr 04 '18 at 12:17

But trying it with `localhost` will get you an `https` scheme (It's considered secure) which won't work if you've got static url (only `http://127.0.0.1` is valid, not `https://127.0.0.1`). So it's not ideal when still in development. – ThePhi Jun 21 '20 at 13:26

score 1 · Answer 15 · answered May 02 '21 at 17:25

I figure what we want is an alternative to the existing url tag, so I wrote a new tag:

from django.template import Library
from django.urls     import reverse

@register.simple_tag(takes_context = True)
def fullURL(context, name, *args, **kwargs):
    request = context['request']
    return f'{request.scheme}://{request.get_host()}{reverse(name, args = args, kwargs = kwargs)}'

Then in your template you can have this...

{% extends "myapp/email/email_base.html" %}

{% load mytags %} {# Replace mytags with whatever the name of your custom tags calss is. #}

{% block content %}
<p>You can use <a href="{% fullURL 'signup' %}">this link</a> to get started with your account. We look forward to seeing you soon!</p>
{% endblock content %}

Then when you generate this, you just need to remember to pass the request into the context, like so...

from django.template.loader import render_to_string

def sendEmail(subject, to, template, **context):
    html = render_to_string(f'myapp/email/{template}.html', context | {'subject': subject})
    # ... and so on with the rest of my function for sending email...

score 1 · Answer 16 · answered Apr 02 '22 at 22:05

As alluded to in @furins response there may be issues with proxy servers. I found this myself when using Apache and uWSGI – request.get_host or request.build_absolute_uri would return the proxy host (127.0.0.1:9191…).

However, someone has helpfully posted a guide to fixing this:

https://ubuntu.com/blog/django-behind-a-proxy-fixing-absolute-urls

Although this is a relatively old answer, it is still relevant to django 3.2 and python 3.9.

Just in case the answer disappears in the future, here is the gist of it:

settings.py

# Setup support for proxy headers
USE_X_FORWARDED_HOST = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')

apache.conf

<VirtualHost *:443>
    ...
    RequestHeader set X-Forwarded-Proto 'https' env=HTTPS

    ProxyPass / http://10.0.0.3/
    ProxyPassReverse / http://10.0.0.3/
    ...
</VirtualHost>

With these settings request.get_host and request.build_absolute_uri reference the client requested host and not the proxy host.

score 1 · Answer 17 · edited Feb 09 '23 at 05:17

These below can get a full url and parts of url:

def myview(request):
    request.build_absolute_uri()
    # http://localhost:8000/admin/store/product/

    request.build_absolute_uri('/')
    # http://localhost:8000/

    request.build_absolute_uri('/')[:-1]
    # http://localhost:8000

    request.scheme
    # http

    request.META['HTTP_HOST']
    # localhost:8000

    request.path    
    # /admin/store/product/

score 0 · Answer 18 · answered Nov 08 '14 at 22:53

0

from django.contrib.sites.models import Site
if Site._meta.installed:
    site = Site.objects.get_current()
else:
    site = RequestSite(request)

answered Nov 08 '14 at 22:53

Muneeb Ahmad

180
1
1
14

score -6 · Answer 19 · answered May 20 '14 at 15:15

-6

You can use {{ protocol }}://{{ domain }} in your templates to get your domain name.

answered May 20 '14 at 15:15

Erwan

1,055
1
12
26

I don't think that @Erwan notices that this depends on a non-standard request context processor. – monokrome Sep 07 '14 at 03:52
I could not make this work, where do you define protocol and domain? – Jose Luis de la Rosa Mar 04 '17 at 11:43
domain has to be added to the context by the developer. – Shakil Ahmed Sep 27 '20 at 17:14

How to get the domain name of my site within a Django template?

19 Answers19

module.context_processors.py

local settings.py

settings.py

templates returning context instance the url site is {{ SITE_URL }}

Linked

Related