Comment 5 for bug 1808720

All requests originating in Django are now going through a Squid proxy:

https://github.com/libravatar/wiki.libravatar.org/commit/51cdee5ead711f662b4d2d7116dc8aadd756ccb8

and any requests to localhost are denied.

In addition, I verified that nobody was using an OpenID URL in the database and now enforce a standard port of 80 or 433 in the proxy.

The OpenID library itself already restricts the protocol to HTTP or HTTPS.