I've defined custom templates for errors 400, and 404 for my Django project. When I try to access the production version of my site, the error 404 template is correctly loaded for missing pages. However, if I send a bad request to my Apache/Django server (e.g. http://mysite.example.com/%), the template for the error 400 is not loaded, instead, the regular Apache error page is rendered:
Bad Request
Your browser sent a request that this server could not understand.
Apache/2.4.18 (Ubuntu) Server at mysite.example.com Port 80
Is apache relaying this request to Django at all, or do I need to define handler400 in my Django project in order for this to work (though I didn't have to do that for the 404.html)?
The crucial point here is that your apache is acting as a proxy for your usgi server. It's forwarding all valid requests to usgi, a request for a non existent request is a valid request as far as apache is concerned and needs the forwarded to the django router - which will find that the url mapping does not exist and raise a 404 error. This error is done internally by django and results in the django 404 page being shown.
Some requests, most notably the django rest framework produce 400 responses internally when the serializers fail to validate the incoming json request. Those will also result in the django 400 page being shown.
However if the request itself is malformed, it will never be forwarded to the usgi server and django will never see it. it will be handled internally by apache hence the reason that the apache 400 html is shown.
The simplest solution would be to replace all the apache error pages with the corresponding django one (if these are templates, render them and save the html)
Related
i try to use the Quickstart sign-in of Microsoft using python.
Currently i have this in redirects URL: redirect url
and in my config file i have: Config file
i have not make any change in the others files but when i try to test i receive this message:
Error
how can i solve this issue?
Thanks!
This error usually occurs when the real redirect_uri doesn't match the reply url in Azure portal. You can track the auth request url to find the real redirect_uri. The request url is something like
https://login.microsoftonline.com/{tenant}/oauth2/authorize? client_id=6731de76-14a6-49ae-97bc-6eba6914391e &response_type=code &redirect_uri=http%3A%2F%2Flocalhost%3A12345 &response_mode=query &resource=https%3A%2F%2Fservice.contoso.com%2F &state=12345
After clicking sign in button and before inputting the account, you will find the request url.
The reply URL in the portal needs to match exactly what is configured in the application code. For example, https and http register differently, and a mismatch would cause this error. The application ID/Client ID and tenant IDs also need to match in both places.You need to change the port from 5000 to the effective one.
I also had this problem. I was using the link from flask to go to http://127.0.0.1:5000/ instead of getting http://localhost:5000/ in the browser. Although both these urls point to the site, only the the localhost url is recognized by the app registration.
I have a Django site that works well on a server using HTTPS protocol, I can use it with no problem with all kind of browsers.
The thing is that every time I try to use a text browser, I get a
Forbidden (403)
CSRF verification failed. Request aborted.
You are seeing this message because this HTTPS site requires a 'Referer header' to be sent by your Web browser, but none was sent.
This header is required for security reasons, to ensure that your browser is not being hijacked by third parties.
If you have configured your browser to disable 'Referer' headers, please re-enable them, at least for this site, or for HTTPS
connections, or for 'same-origin' requests.
Help
Reason given for failure:
Referer checking failed - no Referer.
I have tried links, lynx, even w3m and eww on emacs, to no avail.
When I use a HTTP site (like when I'm using the manage.py runserver) I can use the site on text browsers with no problem, but my production server needs a HTTPS protocol and that's when I get this error.
[ EDIT: just for testing purposes, I deployed an HTTP server for my django site on the production server. It works well on text browsers... ]
[ EDIT: given the message the server throws, why are Referer headers not been given? ]
Lynx is likely configured to not send the Referer header. Check /etc/lynx.cfg for "REFERER".
There are entries like NO_REFERER_HEADER. Make sure that's set to false. If that's not it, check around in that config for any other disabled referer headers.
Also related, the CSRF and Referer header debate: https://code.djangoproject.com/ticket/16870
Are you setting SECURE_PROXY_SSL_HEADER, SESSION_COOKIE_SECURE and CSRF_COOKIE_SECURE in your settings?
https://docs.djangoproject.com/en/1.7/topics/security/#ssl-https
I get 404 not found response when I use a parameter which include '%2f' in url path on Google App Engine/Python (only on production server, not on my mac development server).
I use Kay-framework(http://kay-docs.shehas.net/index.html) as my GAE/Python framework.
I set url routing like below.
Rule('/rest/article/<string:article_id>', endpoint='article',view='myapp.views.article'),
and request to this url works fine in my Mac development server. Server returns 200 OK.
http://localhost:8080/rest/article/foobar%2Bfoobar%2Ffoobar => 200
But, when I send request to this url on GAE production server, GAE server returns 404.
http://foo-bar-app.appspot.com/rest/article/foobar%2Bfoobar%2Ffoobar => 404
I have to use parameters which include "/" (url encoded to "%2f").
Are there any ways to solve this problem?
I have just run into this problem myself. As I have control over the URL, I can escape the '%' itself, which is then recognised by GAE correctly. ie:
linkUrl = string.replace(linkUrl, '%2F', '%252F') # Workaround to avoid %2F issue on GAE servers
Ugly, but works in my case.
I have Django project on Dreamhost server which has several views that returns Json response.Yesterday I have ported my Django project from local machine(localhost) to dreamhost server running apache.Now if I call my django view through jquery for
http://www.abc.com/projects/
It should return me all projects that i have in my mongodb database but instead of that it returns :
On Firefox - just headers with no response
Connection Keep-Alive
Content-Type application/json
Date Thu, 19 Jan 2012 09:03:34 GMT
Keep-Alive timeout=2, max=100
Server Apache
Status 200 OK
Transfer-Encoding chunked
On Chrome - No headers and response data.It throws an error:
XMLHttpRequest cannot load http://abc.com/Projects/. Origin null is not allowed by Access-Control-Allow-Origin.**
If I just access the http://www.abc.com/projects/ through my web-browser it returns me results in json format,but not in case if I use JavaScript/Jquery.
Earlier I was using this middleware to allow other domains to request and get response on my local-machine with django in-built server.But now when I am running on apache server It stops working so I removed It from Settings.py file.
I don't know why is this error coming .Please help
*EDIT*
As #burhan suggested I used jsonp on client side and now my server is returning json but browser is giving error before parsing it.Error is : unexpected token
JSON i am getting in reply is :
{"projects": [{"projectName": "carmella", "projectId": "4f13c7475fcff30710000000"}, {"projectName": "SeaMonkey", "projectId": "4f1677b75fcff37c03000001"}]}
You are running into the same origin policy sandbox. Since your server is www.abc.com and you are accessing abc.com - the origin is not the same, which is why the script is not executing.
You have a few options:
Make sure the URL matches exactly - to avoid the same origin policy sandbox.
Use jsonp in your javascript libary.
can anyone tell me why the session id changes for first url request in python deployed on apache?
eg:
if i request for www.mysite.com ,i get sessionid=abcd later for
next url request like www.mysite.com/something i get sessionid=efgh
just because of this i cant login to my website since i try getting session from session
table and its giving error.
In django development server its working fine,but its causing error only in apache server.