serving over either 80 or 443
63 views
Skip to first unread message
Larry Martell
Jul 19, 2017, 4:56:57 PM7/19/17
to django...@googlegroups.com
This is probably not strictly a Django question, but I'm hoping
someone here has had to solve this before.
We have a django app that is sometimes deployed in an environment with
SSL and talks over port 443, and other times is deployed in a non-SSL
environment and talks over port 80. In our templates we serve CSS and
JS files with this: href="https://0.0.0.0:443/..." When running over
port 80 that does not work. Is there a way to tell in the template if
we are using port 80 or 443 and adjust the href accordingly?
someone here has had to solve this before.
We have a django app that is sometimes deployed in an environment with
SSL and talks over port 443, and other times is deployed in a non-SSL
environment and talks over port 80. In our templates we serve CSS and
JS files with this: href="https://0.0.0.0:443/..." When running over
port 80 that does not work. Is there a way to tell in the template if
we are using port 80 or 443 and adjust the href accordingly?
François Schiettecatte
Jul 19, 2017, 5:14:55 PM7/19/17
to django...@googlegroups.com
This tells you whether the request is secure or not:
https://docs.djangoproject.com/en/1.11/ref/request-response/#django.http.HttpRequest.is_secure
You could set a flag in the context you pass your templates.
And what about stripping 'https://0.0.0.0:443/‘ from the url, just use ‘/static/file.css'
François
> --
> You received this message because you are subscribed to the Google Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
> To post to this group, send email to django...@googlegroups.com.
> Visit this group at https://groups.google.com/group/django-users.
> To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CACwCsY61p7F%3DH5BYR3tKnFpDE6mdW%2BSV_QsJVHY%3DvsZDa2Yk6Q%40mail.gmail.com.
> For more options, visit https://groups.google.com/d/optout.
https://docs.djangoproject.com/en/1.11/ref/request-response/#django.http.HttpRequest.is_secure
You could set a flag in the context you pass your templates.
And what about stripping 'https://0.0.0.0:443/‘ from the url, just use ‘/static/file.css'
François
> You received this message because you are subscribed to the Google Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
> To post to this group, send email to django...@googlegroups.com.
> Visit this group at https://groups.google.com/group/django-users.
> To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CACwCsY61p7F%3DH5BYR3tKnFpDE6mdW%2BSV_QsJVHY%3DvsZDa2Yk6Q%40mail.gmail.com.
> For more options, visit https://groups.google.com/d/optout.
James Schneider
Jul 20, 2017, 1:27:56 AM7/20/17
to django...@googlegroups.com
IMO this shouldn't be something you are determining on every request, it's a waste. You should either:
A. Use relative URL's as Francois mentioned (if the request is against the same server). Only use absolute URL's of you need to contact a server with a different name.
B. Use a custom setting in settings.py for each customer that specifies like RESOURCE_PREFIX = 'https://<server>/' and then use a template context processor to automatically populate all of your template contexts with it. Then it's just a matter of referencing the variable in the template combined with whatever path you need. They are stupid easy to write:
C. Strongly encourage all of your customers to convert everything to use TLS, especially if any sort of credentials or sensitive data are involved. There's really no excuse anymore with the advent of LetsEncrypt.
-James
Tom Evans
Jul 20, 2017, 6:11:45 AM7/20/17
to django...@googlegroups.com
For resources on other sites, use protocol relative URLs, like:
//www.foo.com/foo/bar
The resource will be loaded using whatever protocol the page
requesting it was loaded with.
Cheers
Tom
Larry Martell
Jul 20, 2017, 9:14:00 AM7/20/17
to django...@googlegroups.com
On Wed, Jul 19, 2017 at 5:14 PM, François Schiettecatte
<fschiet...@gmail.com> wrote:
> This tells you whether the request is secure or not:
>
> https://docs.djangoproject.com/en/1.11/ref/request-response/#django.http.HttpRequest.is_secure
Thanks I did not know about that.
<fschiet...@gmail.com> wrote:
> This tells you whether the request is secure or not:
>
> https://docs.djangoproject.com/en/1.11/ref/request-response/#django.http.HttpRequest.is_secure
> You could set a flag in the context you pass your templates.
>
> And what about stripping 'https://0.0.0.0:443/‘ from the url, just use ‘/static/file.css'
we generate a PDF from the HTML. We call render_to_string and then
pass the HTML into wkhtmltopdf. Only for that case do we need the
'https://0.0.0.0:443/' - without that the PDF does not render
properly. It works over 443, but when on a different non-SSL port it
does not work. That is the case I am trying to solve.
Larry Martell
Jul 20, 2017, 9:14:55 AM7/20/17
to django...@googlegroups.com
On Thu, Jul 20, 2017 at 1:27 AM, James Schneider
<jrschn...@gmail.com> wrote:
>
>
> On Jul 19, 2017 1:56 PM, "Larry Martell" <larry....@gmail.com> wrote:
>
> This is probably not strictly a Django question, but I'm hoping
> someone here has had to solve this before.
>
> We have a django app that is sometimes deployed in an environment with
> SSL and talks over port 443, and other times is deployed in a non-SSL
> environment and talks over port 80. In our templates we serve CSS and
> JS files with this: href="https://0.0.0.0:443/..." When running over
> port 80 that does not work. Is there a way to tell in the template if
> we are using port 80 or 443 and adjust the href accordingly?
>
>
> IMO this shouldn't be something you are determining on every request, it's a
> waste. You should either:
>
> A. Use relative URL's as Francois mentioned (if the request is against the
> same server). Only use absolute URL's of you need to contact a server with a
> different name.
See my reply to Francois.
<jrschn...@gmail.com> wrote:
>
>
> On Jul 19, 2017 1:56 PM, "Larry Martell" <larry....@gmail.com> wrote:
>
> This is probably not strictly a Django question, but I'm hoping
> someone here has had to solve this before.
>
> We have a django app that is sometimes deployed in an environment with
> SSL and talks over port 443, and other times is deployed in a non-SSL
> environment and talks over port 80. In our templates we serve CSS and
> JS files with this: href="https://0.0.0.0:443/..." When running over
> port 80 that does not work. Is there a way to tell in the template if
> we are using port 80 or 443 and adjust the href accordingly?
>
>
> IMO this shouldn't be something you are determining on every request, it's a
> waste. You should either:
>
> A. Use relative URL's as Francois mentioned (if the request is against the
> same server). Only use absolute URL's of you need to contact a server with a
> different name.
> B. Use a custom setting in settings.py for each customer that specifies like
> RESOURCE_PREFIX = 'https://<server>/' and then use a template context
> processor to automatically populate all of your template contexts with it.
> Then it's just a matter of referencing the variable in the template combined
> with whatever path you need. They are stupid easy to write:
>
> https://docs.djangoproject.com/en/1.11/ref/templates/api/#writing-your-own-context-processors
>
> C. Strongly encourage all of your customers to convert everything to use
> TLS, especially if any sort of credentials or sensitive data are involved.
> There's really no excuse anymore with the advent of LetsEncrypt.
Reply all
Reply to author
Forward
0 new messages