Django 正在从 HTTPS 重定向到 HTTP
我有一个正在运行的 Django 电子商务网站,并为其购买并安装了 SSL 证书。
我添加了一个 VirtualHost 条目:
<VirtualHost *:443>
#Basic setup
ServerAdmin [email protected]
ServerName test.com
ServerAlias www.test.com
Alias /media/admin/ /home/test/public_html/test/release/env/lib/python2.6/dist-packages/django/contrib/admin/media/
Alias /static/ /home/test/public_html/test/release/static/
Alias /media/ /home/test/public_html/test/release/media/
<Directory /home/test/public_html/test/release/>
Order deny,allow
Allow from all
</Directory>
RewriteEngine On
LogLevel warn
ErrorLog /home/test/public_html/test/logs/error.log
CustomLog /home/test/public_html/test/logs/access.log combined
WSGIDaemonProcess test user=www-data group=www-data threads=20 processes=2
WSGIProcessGroup test_ssl
WSGIScriptAlias / /home/test/public_html/test/release/apache/test.wsgi
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/test.com.crt
SSLCertificateChainFile /etc/apache2/ssl/gs_root.pem
SSLCertificateKeyFile /etc/apache2/ssl/www.test.com.key
</VirtualHost>
这是 urls.py 文件:
from django.conf.urls.defaults import patterns, include, url
from django.contrib import admin
from django.conf import settings
from gallery.models import LOCATIONS, Photo
admin.autodiscover()
from satchmo_store.urls import urlpatterns as satchmo_urls
from satchmo_store.shop.views.sitemaps import sitemaps
from cms.sitemaps import CMSSitemap
sitemaps['pages'] = CMSSitemap
urlpatterns = patterns('',
url(r'^admin/', include(admin.site.urls)),
url(r'^search/', include('haystack.urls')),
# Include satchmo urls. Unfortunately, this also includes it's own
# /admin/ and everything else.
url(r'^shop/', include(satchmo_urls)),
url(r'^sitemap\.xml/?$', 'django.contrib.sitemaps.views.sitemap', {'sitemaps': sitemaps}),
url(r'events/gallery/(.*)/(.*)/$', 'gallery.views.events_image'),
url(r'locations/view-all/(.*)/$', 'gallery.views.locations_image'),
url(r'locations/view-all/$', 'gallery.views.locations_view_all',{
'queryset':Photo.objects.filter(gallery__category=LOCATIONS).distinct()}),
url(r'^contact-us/', include('contact_form.urls')),
url(r'^', include('cms.urls')),
)
if settings.DEBUG:
urlpatterns = patterns('',
(r'^media/(?P<path>.*)$', 'django.views.static.serve', {'document_root': settings.MEDIA_ROOT}),
(r'^static/(?P<path>.*)$', 'django.views.static.serve', {'document_root': settings.STATIC_ROOT}),
(r'^404/$', 'django.views.defaults.page_not_found'),
(r'^500/$', 'django.views.defaults.server_error'),
) + urlpatterns
还有一个非 ssl 的conf,它工作正常。
每当我请求该网站的 HTTPS 版本时,我都会收到一个 302 标头响应,该响应会重定向到 HTTP 版本。
apacheconf 中没有明确指出转到端口 80 的重定向。
我已经为此苦苦挣扎了一段时间,任何帮助都会很棒!
谢谢
I have a Django ecommerce site running, and have purchases and installed an SSL cert for it.
I have added a VirtualHost entry:
<VirtualHost *:443>
#Basic setup
ServerAdmin [email protected]
ServerName test.com
ServerAlias www.test.com
Alias /media/admin/ /home/test/public_html/test/release/env/lib/python2.6/dist-packages/django/contrib/admin/media/
Alias /static/ /home/test/public_html/test/release/static/
Alias /media/ /home/test/public_html/test/release/media/
<Directory /home/test/public_html/test/release/>
Order deny,allow
Allow from all
</Directory>
RewriteEngine On
LogLevel warn
ErrorLog /home/test/public_html/test/logs/error.log
CustomLog /home/test/public_html/test/logs/access.log combined
WSGIDaemonProcess test user=www-data group=www-data threads=20 processes=2
WSGIProcessGroup test_ssl
WSGIScriptAlias / /home/test/public_html/test/release/apache/test.wsgi
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/test.com.crt
SSLCertificateChainFile /etc/apache2/ssl/gs_root.pem
SSLCertificateKeyFile /etc/apache2/ssl/www.test.com.key
</VirtualHost>
Here is the urls.py file:
from django.conf.urls.defaults import patterns, include, url
from django.contrib import admin
from django.conf import settings
from gallery.models import LOCATIONS, Photo
admin.autodiscover()
from satchmo_store.urls import urlpatterns as satchmo_urls
from satchmo_store.shop.views.sitemaps import sitemaps
from cms.sitemaps import CMSSitemap
sitemaps['pages'] = CMSSitemap
urlpatterns = patterns('',
url(r'^admin/', include(admin.site.urls)),
url(r'^search/', include('haystack.urls')),
# Include satchmo urls. Unfortunately, this also includes it's own
# /admin/ and everything else.
url(r'^shop/', include(satchmo_urls)),
url(r'^sitemap\.xml/?
There is also a conf for non ssl which is working fine.
Whenever I request the HTTPS version of the site, I get a 302 header response which redirects to the HTTP version.
There are no redirects in the apache conf that explicitly state go to port 80.
Ive been banging my head against this for a while, any help would be great!
Thanks
, 'django.contrib.sitemaps.views.sitemap', {'sitemaps': sitemaps}),
url(r'events/gallery/(.*)/(.*)/
There is also a conf for non ssl which is working fine.
Whenever I request the HTTPS version of the site, I get a 302 header response which redirects to the HTTP version.
There are no redirects in the apache conf that explicitly state go to port 80.
Ive been banging my head against this for a while, any help would be great!
Thanks
, 'gallery.views.events_image'),
url(r'locations/view-all/(.*)/
There is also a conf for non ssl which is working fine.
Whenever I request the HTTPS version of the site, I get a 302 header response which redirects to the HTTP version.
There are no redirects in the apache conf that explicitly state go to port 80.
Ive been banging my head against this for a while, any help would be great!
Thanks
, 'gallery.views.locations_image'),
url(r'locations/view-all/
There is also a conf for non ssl which is working fine.
Whenever I request the HTTPS version of the site, I get a 302 header response which redirects to the HTTP version.
There are no redirects in the apache conf that explicitly state go to port 80.
Ive been banging my head against this for a while, any help would be great!
Thanks
, 'gallery.views.locations_view_all',{
'queryset':Photo.objects.filter(gallery__category=LOCATIONS).distinct()}),
url(r'^contact-us/', include('contact_form.urls')),
url(r'^', include('cms.urls')),
)
if settings.DEBUG:
urlpatterns = patterns('',
(r'^media/(?P<path>.*)
There is also a conf for non ssl which is working fine.
Whenever I request the HTTPS version of the site, I get a 302 header response which redirects to the HTTP version.
There are no redirects in the apache conf that explicitly state go to port 80.
Ive been banging my head against this for a while, any help would be great!
Thanks
, 'django.views.static.serve', {'document_root': settings.MEDIA_ROOT}),
(r'^static/(?P<path>.*)
There is also a conf for non ssl which is working fine.
Whenever I request the HTTPS version of the site, I get a 302 header response which redirects to the HTTP version.
There are no redirects in the apache conf that explicitly state go to port 80.
Ive been banging my head against this for a while, any help would be great!
Thanks
, 'django.views.static.serve', {'document_root': settings.STATIC_ROOT}),
(r'^404/
There is also a conf for non ssl which is working fine.
Whenever I request the HTTPS version of the site, I get a 302 header response which redirects to the HTTP version.
There are no redirects in the apache conf that explicitly state go to port 80.
Ive been banging my head against this for a while, any help would be great!
Thanks
, 'django.views.defaults.page_not_found'),
(r'^500/
There is also a conf for non ssl which is working fine.
Whenever I request the HTTPS version of the site, I get a 302 header response which redirects to the HTTP version.
There are no redirects in the apache conf that explicitly state go to port 80.
Ive been banging my head against this for a while, any help would be great!
Thanks
, 'django.views.defaults.server_error'),
) + urlpatterns
There is also a conf for non ssl which is working fine.
Whenever I request the HTTPS version of the site, I get a 302 header response which redirects to the HTTP version.
There are no redirects in the apache conf that explicitly state go to port 80.
Ive been banging my head against this for a while, any help would be great!
Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您可能已经修复了它,这可能是一个完全不同的问题,但我刚刚遇到了一些听起来有点相似的东西,并且由于我没有找到解决您问题的答案,我认为可能值得发布回复(尽管我是 301 而你是 302)。
我正在运行一个 Django 站点(Django 1.6.1),gunicorn 位于 nginx 后面。所以nginx做SSL。环境变量
HTTPS设置为on。当我设置一台没有 http 到 https 重定向的测试服务器时,我注意到一些请求最终被重定向到一个 http 地址 - 与您所描述的类似,但在我的情况下,它只是针对一个特定的链接。查看请求和响应标头后,我发现:
初始请求
https://example.org/test被 Django/gunicorn 使用301 MOVED PERMANENTLY重定向到http://exmaple.org/test/。然后,nginx 响应400 Bad Request - 普通 HTTP 请求已发送到 HTTPS 端口。很快我发现了一个我以前没有太注意的设置:
APPEND_SLASH(https://docs.djangoproject.com/en/1.6/ref/settings/#std:setting-APPEND_SLASH) 使用默认值正确。将
APPEND_SLASH = False添加到我的settings.py文件后,对https://example.org/test的请求导致404 NOT FOUND响应,没有重定向到 http。所以看来APPEND_SLASH不尊重HTTP环境变量设置 - 我猜配置SECURE_PROXY_SSL_HEADER(https://docs.djangoproject.com/en/1.6/ref/settings/#std:setting-SECURE_PROXY_SSL_HEADER) 可以解决这个问题,我还没有测试过。顺便说一句,在我的例子中,“错误”链接的原因是模板中的硬编码链接。避免此类链接的简单方法是使用内置的
{% url ... %}模板标记 (https://docs.djangoproject.com/en/1.6/ref /templates/builtins/#url[抱歉,我无法使此链接可点击,因为我没有“至少 10 个声誉”...])。也许这对您或其他想知道为什么 Django 有时会从 https 重定向到 http 的人有帮助。
You probably already fixed it and it could be an entirely different problem, but I just came across something that sounds somewhat similar and as I did not find an answer that addressed your issue, I thought it might be worth to post a reply (despite I was having a 301 and you a 302).
I am running a Django site (Django 1.6.1) with gunicorn behind nginx. So nginx does the SSL. The environment variable
HTTPSis set toon.When I set up a test server without an http-to-https redirect, I noticed that some requests end up being redirected to an http address - similar to what you describe, but in my case it was just for one particular link. After looking into the request and response headers, I found out:
The initial request
https://example.org/testgot redirected by Django/gunicorn with301 MOVED PERMANENTLYtohttp://exmaple.org/test/. nginx then responded with400 Bad Request - The plain HTTP request was sent to HTTPS port.Quickly I came across a setting I had not paid much attention to before:
APPEND_SLASH(https://docs.djangoproject.com/en/1.6/ref/settings/#std:setting-APPEND_SLASH) with the default valueTrue.After adding
APPEND_SLASH = Falseto mysettings.pyfile, a request tohttps://example.org/testresulted in a404 NOT FOUNDresponse, without a redirect to http. So it seems thatAPPEND_SLASHdoes not respect theHTTPenvironment variable setting - I guess configuringSECURE_PROXY_SSL_HEADER(https://docs.djangoproject.com/en/1.6/ref/settings/#std:setting-SECURE_PROXY_SSL_HEADER) would solve this, I have not tested it yet.By the way, the reason for that "faulty" link in my case was a hard-coded link in a template. The easy way to avoid links like that is using the built-in
{% url ... %}template tag (https://docs.djangoproject.com/en/1.6/ref/templates/builtins/#url[sorry, I could not make this link clickable because I don't have "at least 10 reputation"...]).Perhaps this helps you or anyone else who wonders why Django sometimes redirects from https to http.
我知道这是一个老问题,但我刚刚花了几个小时寻找相同问题的解决方案,所以我想我会在这里发布我最终解决的问题。
我使用的是 Satchmo,就像原始海报一样,它有一个中间件类 satchmo_store.shop.SSLMiddleware.SSLRedirect,默认情况下,它发送一个重定向,与原始问题中描述的完全一样,从 https 到 http,并带有 302 标头响应。注释 MIDDLEWARE_CLASSES 中的行可以解决问题,如果有人想完全通过 https 运行,但文档 http://satchmo.readthedocs.org/en/latest/configuration.html#ssl 解释了如何正确使用它,这就是我要尝试做的事情。
I know this is an old question but I have just spent hours searching for a solution to an identical problem so I thought I would post what I eventually worked out here.
I was using Satchmo as the original poster was, It has a middleware class satchmo_store.shop.SSLMiddleware.SSLRedirect which by default sends a redirect exactly as described in the original question from https to http with a 302 header response. Commenting the line in MIDDLEWARE_CLASSES fixes the problem and may be OK if anyone wants to run completely over https but the documentation http://satchmo.readthedocs.org/en/latest/configuration.html#ssl explains how to use it properly which is what I am going to try to do.
我唯一能想到的是数据库中的站点设置。如果您在
Site对象中添加了明确的端口号...您可以查看一下您的管理员吗?Only thing that I can think of is your site setting in the database. If you put an explicit port number in your
Siteobject... Could you take a look in your admin?