(Using Windows 7, Python 3.4, and Django 1.6, using virtualenv)
Hey, all. I tried using django-secure to force https and ssl on my django project. Then I decided I didn't want it until I actually put the site online, because I didn't have a security certificate, so I couldn't even try out the site on my computer. After removing the django-secure code from my settings, uninstalling django-secure using pip, and restarting my computer, any browser I visited the page with while using django-secure forces https whenever I run that particular django project, but not on other projects. Uninstalling and reinstalling worked for Safari and Firefox, but not for Chrome. I couldn't uninstall Internet Explorer or Opera using the Control Panel, so I thought it might be easier just to change some settings in the browsers, if I knew how to do that. Does anyone know how I can make Chrome not force https on my project and how to do that with Opera and IE without uninstalling them?
I think the above details could lead to finding the answer, but if you want it, here's my detailed description of what I did in what order:
I followed the installation and usage instructions at https://github.com/carljm/django-secure, up through "Set the SECURE_HSTS_SECONDS setting to an integer number of seconds and SECURE_HSTS_INCLUDE_SUBDOMAINS to True, if you want to use HTTP Strict Transport Security." I then tried it out on chrome and found out I needed a security certificate, and decided I'd rather wait till I actually put the website online. So I removed the parts of the settings file that I had added following the django-secure instructions, stopped and restarted my local server, opened it on chrome, and found that it forced https, but only for that particular django project. I then used pip to uninstall django-secure, but chrome still forced https. I tried it on firefox, ie, opera, and safari, and had no problem. I then restarted my computer, but that didn't solve the problem. So I reinstalled django-secure using pip, and repeated the steps I had followed from the django-secure instructions. I then ran it on safari and ie, removed those lines from settings, and reran it, and they continued to force https on that django project. I repeated the process with Opera and Firefox, and had the same problem. Uninstalling and reinstalling Safari and Firefox fixed the problem in those browsers. It didn't fix the problem in Chrome. I couldn't uninstall Opera or IE from the control panel, so I think I'll just wait till I find out another way of fixing the problem.
Clear your browser cache.
Django-secure sends a HttpResponsePermanentRedirect (302 status code) to the secure version of the page, so your browser will cache the response and always redirect you to the https version.
Related
I have followed this guide in setting up my localtunnel:
https://www.hongkiat.com/blog/accessible-local-web-server/
however, when I run the following command lt –port 80 nothing is showing. I started looking for this solution since Facebook seems to have stopped localhost access to FB.iu() method for sharing content on their site.
I have tried running as admin while disabling firewall and McAfees Antivirus Scan. I have used ngrok before now too but Facebook rejects it for no clear reason.
Below is an image of the steps taken:
Managed to get my way around this localhost tunneling issue using ngrok.
I noticed I'm expected to add additional domain names under App Domains in Facebook APP settings. So I added ngrok.io as an additional APP Domain and WHALAH! everything started working for the FB.ui() method.
I have a Django project (it's a big project meanwhile) and I can only connect to it via localhost using one browser (Chrome, Opera, Firefox, it doesn't matter which browser I use). When I connect to it once, Django is "locked" in this browser. When I try to connect to Django using another browser, it gets timed out. When I restart it I can again choice which browser I would like to use. But then Django gets "locked" again in this browser.
Example:
Django Server starts; I use Chrome; I can't use Opera, Firefox or any other browser anymore.
Django Server restarts; I use Opera; I can't use Chrome, Firefox or any other browser anymore.
I know this isn't a question about code but I don't know where this question fits except for Stackoverflow.
Do you have any idea?
EDIT
I also have this strange behaviour when I use incognito.
EDIT 2
I tried to reset the middlewares but that didn't change anything.
Ok this started happening to me today when running my script. I have been working on a refreshing program that opens several pages and refreshes them randomly on python. Recently I updated firefox and updated my browser (addons, themes, etc.), I think this update may be the cause to my problem but it happened before as well but only with the firefox welcome page. I basically want to make a script specific WebDriver profile(w/ Selenium) that doesn't have any one my normal browser addons or cookies. (a default Firefox webdriver)
I have reset the browsers plugin and settings and this didn't work. It only reset the preferences for my main browser. I also reinstalled selenium and this didn't change a thing. I've looked everywhere for maybe a line of code to disable plugins on firefox, but haven't had any luck. I hope somebody has an answer this is very annoying! Feel free to ask me for left out info.
python 2.7
selenium 2.48
This is currently a problem with a development environment that I'm running, which is Django's built in 'development server' (the one started with python manage.py runserver) running on my local machine. On my deployment machine which runs FCGI this is not a problem.
CSS files fail to download in Chrome but successfully download+render in Firefox. Both browsers get 200 OK responses from the server, but for whatever reason Chrome doesn't seem to be sent/receive the content of the files.
I can use either browser to navigate to the URL of the CSS file itself and view the document just fine.
It's probably best explained with screenshots...
In Chrome
Chrome Network Page
Everything up top looks like it downloads just fine. But note at the bottom Chrome reports "Failed to load resource" for all the CSS files.
Chrome CSS Headers
Everything looks OK in the CSS headers...
Chrome CSS Content
Except the content is empty...
In Firefox
Firefox CSS Headers
Everything looks good (note that the 'content-length' header is identical to Chrome)
Firefox CSS Content
And there's the content!
What gives? What could possibly be causing the content to fail to load?!
EDIT: I'm still pulling my hair out over this one. This only happens in Chrome. I've restarted/updated/cleared my cache a million times--I'm at a complete loss.
It's simple enough to avoid--just use a different browser to view the page--but why is it happening?!?!
Time to upgrade your chrome, or to move to stable channel, if you are using the distribution repository archives.
I once faced a similar issue and followed the same course.
If you have an ad blocker or tracker blocker chrome extension installed, such as Ghostry; it can block some legitimate files. I have run into this problem. To fix it I added an exception for the problem site.
I have deployed my application on subdomain.domain.com (it works only on that one subdomain). Everything works fine except the fact that from time to time users cannot log in to application (the message "Looks like your browser isn't configured to accept cookies. Please enable cookies, reload this page, and try again" is shown when trying to log into admin panel). I've noticed that restarting the web server eliminates this problem for some time.
Does anyone have experience with setting up django project on subdomain and can guide me how to configure my application to make it work correctly without need to ocasionally make reset?
I'd tried to set up SESSION_COOKIE_DOMAIN = 'subdomain.domain.com' setting but it didn't solve the problem (maybe I set it wrong?)
I use Django 1.1.1, Python 2.5.4 for this project. Project is deployed in provider I use for other projects and cookies works there perfectly. Other projects run also on subdomains and do not have SESSION_COOKIE_DOMAIN set at all.
in your settings do you have SESSION_COOKIE_DOMAIN set? If so, is it set to something that isn't the domain the site is operating on?