Cloudinary direct unsigned upload with django - django

I am using the cloudinary sample django project:
https://github.com/cloudinary/cloudinary-django-sample
I made the following changes:
- using django 1.8.6
- using cloudinary 1.4.0
- added CLOUDINARY_URL environment variable
- added cloudinary_cors.html file (provided by cloudinary) in static/html directory
I can perform server-side upload and everything works fine.
When I perform browser upload (signed or unsigned), the image selected uploads to my cloudinary account successfully, but the cloudinarydone event never occurs and the browser doesn't register a successful upload.
Instead, I am getting this error in the browser console:
XMLHttpRequest cannot load https://api.cloudinary.com/v1_1/[namespace]/auto/upload. The request was redirected to 'localhost:8000/static/html/cloudinary_cors.html?bytes=4304&created_a…s=%23%3CSet%3A0x0000000ab0e050%3E&type=upload&version=[num]&width=402', which is disallowed for cross-origin requests that require preflight.
I would think the POST doesn't require a preflight CORS request. I have seen other posts online about the preflight error, and it seems some of them were resolved by fixing javascript imports. My order is:
1. jQuery
2. uiwidget
3. iframe-transport
4. fileUpload
5. cloudinary.js
which seems correct based on said posts.
What am I doing wrong? What do I need to change to get the cloudinarydone event?

We're working on a fix for this issue.
Meantime, in upload.html you should replace the following line:
.fileupload({
with
.cloudinary_fileupload({
This should solve the issue for you.

Related

Django cannot embed a Youtube url in a frame

I am trying to embed a youtube URL into a frame in a Django template. Each time I receive the same message in the console:
Refused to display 'https://www.youtube.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
I have tried inserting two decorators before the view:
#frame_deny_exempt
#xframe_options_exempt
No effect. In a final test I inserted this statement into settings.py just to see if it would turn off the xframe check:
X_FRAME_OPTIONS = 'ALLOWALL'
The same error appears.
I also tried removing the XFrameOptions middleware, no change.
This is in a local testing environment so I am using the Django web server; my production server (which I have not tried moving this to for obvious reasons) is an Azure instance running NGINX.
Are you using an embeddable URL?
https://support.google.com/youtube/answer/171780
It is YouTube that is providing the X-Frame-Options header that the browser is complaining about, which implies you are trying to embed the normal URL to the video.
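As an added illustration of the answer above (not code from the original thread): a helper that turns a normal YouTube link into the embeddable form and refuses anything else, so only an allow-listed host ever reaches the iframe `src`. The function name, the 11-character video ID pattern and the sample IDs are assumptions made for this example.

```python
import re
from urllib.parse import urlparse, parse_qs

# Assumption: video IDs are 11 characters from this alphabet, as seen in
# practice. Anything else is rejected rather than passed to the template.
_VIDEO_ID = re.compile(r"[A-Za-z0-9_-]{11}")
_WATCH_HOSTS = {"www.youtube.com", "youtube.com", "m.youtube.com"}


def youtube_embed_url(url):
    """Return the embeddable URL for a YouTube link, or None if unrecognised."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https"):
        return None  # blocks javascript:, data: and similar schemes
    host = (parts.hostname or "").lower()
    video_id = None
    if host == "youtu.be":
        # Short links carry the ID as the path.
        video_id = parts.path.lstrip("/")
    elif host in _WATCH_HOSTS:
        if parts.path == "/watch":
            # Normal page URL: this is the one that is served with
            # X-Frame-Options and cannot be framed.
            video_id = parse_qs(parts.query).get("v", [None])[0]
        elif parts.path.startswith("/embed/"):
            video_id = parts.path[len("/embed/"):]
    if not video_id or not _VIDEO_ID.fullmatch(video_id):
        return None
    return "https://www.youtube.com/embed/" + video_id
```

In a Django view, pass the returned value to the template and render the iframe only when it is not None.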

django-rest-framework-social-oauth2: error 400 - redirect_uri_mismatch

I've been trying to add google login to my django app following this tutorial:
https://github.com/RealmTeam/django-rest-framework-social-oauth2
By following exactly the instructions, everything works fine in local.
However, when I try to replicate the same on the server, I get the following error on the redirect page of the login:
Error 400: redirect_uri_mismatch
redirect_uri: http://localhost:8000/auth/complete/google-oauth2/
What is strange to me is, in my google developer console, I have set up the correct redirect url in my app, as follows:
https://mydjangoapp.com/auth/complete/google-oauth2/
And I have also put 'mydjangoapp.com' under 'Authorised JavaScript origins'.
So my question is, why google keeps telling me that the redirect url is
http://localhost:8000/auth/complete/google-oauth2/
which is not the one I have set up in the console? Perhaps there is something obvious that I'm missing here. Thank you!
Why google keeps telling me that the redirect url is
Because your application is sending it. In your code the app is running on http://localhost:8000, and if you are using a client library it's probably adding the rest automatically.
http://localhost:8000/auth/complete/google-oauth2/
The redirect uri must exactly match what you are sending from your application.
You need to add
http://localhost:8000/auth/complete/google-oauth2/
Javascript origin is only needed if your code is using javascript.
This video will show you how to fix the error. Google OAuth2: How the fix redirect_uri_mismatch error. Part 2 server sided web applications.
If you want your code to send https://mydjangoapp.com then you're going to have to be running it from https://mydjangoapp.com probably, and you may need to figure out how to configure it so that it is running from the correct host.

Django-allauth URL Returns callback error for github despite correct url

I am trying to implement all-auth using Github in my django project. I have set the callback url as per this tutorial. So far, even if the login page for github shows up, it doesn't call back properly and I get this error in the url
http://127.0.0.1:8000/accounts/github/login/callback/?error=redirect_uri_mismatch&error_description=The+redirect_uri+MUST+match+the+registered+callback+URL+for+this+application.&error_uri=https%3A%2F%2Fdeveloper.github.com%2Fapps%2Fmanaging-oauth-apps%2Ftroubleshooting-authorization-request-errors%2F%23redirect-uri-mismatch&state=exDbVJKNYzUI
This is the github repo of the project.
http://127.0.0.1:8000/accounts/github/login/callback/
is my authorization callback url set as per the tutorial.
Any insight to why the callback url is not working is welcome. Thanks.
For those who are looking for an answer to this,
if you configure the callback url to be from 127.0.0.1, make sure you're requesting the callback from the same url. Although localhost and 127.0.0.1 both point to the same host, they are different urls. So you will get a url mismatch error.
If you defined the authorization callback in the GitHub UI with the https protocol, then this setting solves the issue:
ACCOUNT_DEFAULT_HTTP_PROTOCOL='https'
This is coming from the answer found here: Django allauth google OAuth redirect_uri_mismatch error
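A diagnostic for both redirect_uri_mismatch threads above (the Google one and the GitHub one), added here as an example and not taken from either thread or from the libraries they use. It pulls the `redirect_uri` the application actually sent out of an authorization URL and reports which URL component differs from the registered value, modelling the exact-match comparison the answers describe. The function names and the `provider.example` authorization URL are constructed for the example.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample: an authorization request as the browser would show it.
SAMPLE_AUTH_URL = (
    "https://provider.example/authorize?client_id=PLACEHOLDER&response_type=code"
    "&redirect_uri=http%3A%2F%2Flocalhost%3A8000%2Fauth%2Fcomplete%2Fgoogle-oauth2%2F"
)


def redirect_uri_from_auth_url(auth_url):
    """Return the redirect_uri the app sent to the provider, or None."""
    values = parse_qs(urlsplit(auth_url).query).get("redirect_uri")
    return values[0] if values else None


def explain_mismatch(sent, registered):
    """List the URL components in which `sent` differs from `registered`.

    An empty list means the two strings are identical, which is what an
    exact-match comparison requires.
    """
    if sent == registered:
        return []
    a, b = urlsplit(sent), urlsplit(registered)
    diffs = []
    for name in ("scheme", "hostname", "port", "path", "query"):
        x, y = getattr(a, name), getattr(b, name)
        if x != y:
            diffs.append("%s: sent %r, registered %r" % (name, x, y))
    # Parsed components can be equal while the raw strings are not,
    # for example when only the letter case of the host differs.
    return diffs or ["strings differ only in case or formatting"]


if __name__ == "__main__":
    sent = redirect_uri_from_auth_url(SAMPLE_AUTH_URL)
    for line in explain_mismatch(
        sent, "https://mydjangoapp.com/auth/complete/google-oauth2/"
    ):
        print(line)
```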

Invoking a Lambda through API-Gateway giving 403 response?

I am using AWS CodeStar to deploy my React application using the serverless Node.js template. This is the URL that is given by CodeStar after successful completion of all the stages: https://xxxxx.execute-api.us-east-1.amazonaws.com/Prod . This URL displayed all the components in my app correctly. In the navbar of my app I have items like a, b, c, where clicking on each one of them will redirect to a new component (i.e. https://xxxxx.execute-api.us-east-1.amazonaws.com/a, https://xxxxx.execute-api.us-east-1.amazonaws.com/b, etc.). But when I refresh the page which has a URL like https://xxxxx.execute-api.us-east-1.amazonaws.com/b, I get an error like {"message":"Forbidden"}, and my console shows this: favicon.ico:1 GET https://xxxx.execute-api.us-east-1.amazonaws.com/favicon.ico 403
It seems Chrome is fetching the favicon based on the https link, which fails because there is no such favicon at the location. I tried to remove the favicon.ico link in index.html, but even then Chrome uses the same URL to fetch the favicon, which eventually fails. I followed the max number of suggestions on SO to achieve this but no luck. Is there any way to tell API Gateway to exclude these favicon GET requests and display my app rather than showing the message Forbidden?
And I am pretty sure that I had enabled logs for both the API Gateway and Lambda, where I didn't find any forbidden errors (i.e. 403), which is weird because I can see those 403 errors in my console.
Thanks
Any help is highly appreciated.
The https://xxxxx.execute-api.us-east-1.amazonaws.com/Prod url provided by API Gateway is the base url for your site, so those paths would have to be /Prod/a instead of /a.
One way to get around that is to register your own domain and connect it to API Gateway via a custom domain. That would allow you to have https://example.com as your base url, and your paths could stay /a, /b, etc.

H18 Error: Django app Media Upload failing on Heroku

Our Django App is failing media upload. This has been an off-and-on issue for us for a while. However, for about a week now, it's been consistently failing to upload media. Our media files are stored on S3.
On inspection, the uploaded files were found in the S3 buckets... However, the logs display the message below while the app throws an Application error...
Found this answer on GitHub (https://github.com/benoitc/gunicorn/issues/840)
Hi, we hit this issue in production using Flask + Gunicorn + Heroku and couldn't find a cause or a workaround.
For one particular POST request with POST parameters, the request would fail with an H18 error (sock=backend) in Heroku's router indicating that the server closed the socket when it shouldn't have.
We started decreasing the response size of that failing endpoint until we narrowed it down to around the 13k mark. If we sent less than 13k, the response would always work. If we sent more than 13k, the response would almost always not work.
Code to reproduce this is available at https://github.com/erjiang/gunicorn-issue - just deploy the repo to Heroku as is and follow the instructions in the README.