Ok, so I want to catch all the URLs in my Flask app, with this piece of code
#app.route('/<path:path>')
def catch_all(path):
return path
Just a basic app with shows the relative path of each page. So this works fine for most of the paths (localhost/whatever/I/want for example prints whatever/I/want).
EXCEPT in one case. For example if I type localhost/foo/http://google.com/bar in the URL bar, what I expected to be shown is foo/http://google.com/bar, but what I actually get is only bar. So actually Flask finds the last valid URL and takes the path following this URL.
Is there anyway to catch the real path of our URL?
Edit: I'm running Flask 0.10 using the Google App Engine for Python.
I was able to reproduce your problem with the current Google App Engine SDK; this is caused by the way the bundled CherryPy server parses the request.
The problem applies only to your local dev server, when you deploy the app to Google, a different handler parses the URI and the http:// scheme is left unparsed.
See CherryPy issue #1284 as well as the corresponding appengine devserver ticket.
The work-around is to URI-encode the colon:
http://localhost:8000/foo/http%3A//google.com/bar
works.
Related
I am deploying Flask on CPanel, and basic configurations are working correctly,
up to the point that I can access home route, defined as:
#app.route("/home")
#app.route("/")
def home():
return "This is home page, blah blah blah"
The site can be thought of, as being accessed at
https://sub-domain.main-domain.com/base-url,
thus, home page is accessed as https://sub-domain.main-domain.com/base-url/ and that works perfectly.
Problem
So, the issue comes when I access any other route, other than the slash("/"),
in the above example, for instance, accessing
https://sub-domain.main-domain.com/base-url/home,
doesn't seem to work at all, and results in
The configuration file does not exist. error.
Any possible help would be kindly appreciated. my passenger_wsgi.py is configured as:
import sys
# add your project directory to the sys.path
base_dir = u'/home/cpaneusername/base-dir'
if base_dir not in sys.path:
sys.path = [base_dir] + sys.path
# import flask app but need to call it "application" for WSGI to work
from app import website as application
Nevertheless, thanks for the assistance.
What I can suggest resolving the issue is to change the base URL of your Python app and remove any sub-folders from it. For example, just keep it that way:
https://sub-domain.main-domain.com/
And try again.
Otherwise, you might want to change the /home route of your app to this one instead:
#app.route("/base-url/home")
If none of the above works, then make sure that you have the correct .htaccess rules in place to forward the requests properly to your app, but I assume you already have considering the fact that you are able to access the / of the app.
I tried moving the Python app and other supporting modules to /public folder, and in the wsgi file, I imported as
from public.app import website as application
There, it worked.
I followed the steps in this tutorial to enable SSO with Azure Active Directory for the admin portion (to start) of my Django app:
https://django-microsoft-auth.readthedocs.io/en/latest/usage.html
Navigating to /admin yields this page, which is good:
Clicking Microsoft brings up this new window:
The important error seems to be:
AADSTS90102: 'redirect_uri' value must be a valid absolute URI.
In this window, I used the browser console and found that a GET request was being made like this:
https://login.microsoftonline.com/50ce...90ac7/oauth2/v2.0/authorize?response_type=code&client_id=f4...27&redirect_uri=https,https://example.org/microsoft/auth-callback/&s...
Note the redirect_uri=https,https://.... It seems like that leading "https," is superfluous and is causing the problem. Any ideas where that could be coming from?
In my Azure app, the redirect URI is set to https://example.org/microsoft/auth-callback/:
I'm using Python 3.9.6, Django 3.2, django-microsoft-auth 2.4.0, NGINX 1.18.0, uvicorn 0.14.0
I've searched for help on this and haven't found anything relevant to my situation. Thanks in advance!
Based on the SO Thread Reference.
Use http as the redirect URI instead of https to resolve the issue in most cases.
use
http://localhost:8080/microsoft/auth-callback/
Instead of
https://localhost:8080/microsoft/auth-callback/
If there is a option,
Use localhost:8080 into the table django_site
Reference SO Thread: django-microsoft-auth : The provided value for the input parameter 'redirect_uri' is not valid
As you think, the first https is superfluous, you just need to delete it.
https://login.microsoftonline.com/50ce...90ac7/oauth2/v2.0/authorize?response_type=code&client_id=f4...27&redirect_uri=https://example.org/microsoft/auth-callback/&s...
By the way, I think there is no problem with the redirect_uri you set in the Azure portal.
I guess it is a problem of the redirecting URL. The example URL is coming from django site table. So first of all you need to enable the site:
#in settings.py
SITE_ID = 1
Afterwards you can go to the admin interface and set the url of the site to the correct domain. From my experience I know that it won't work without that.
I've been struggling with this for a while, and can't seem to figure it out.
I have a google appengine project, with flask, and I need a route that handles base64 URIencoded data.
Here is the handler I have for this route:
#app.route('/test/<data1>/<data2>', methods=['GET'])
def test(data1, data2):
return "data1:%s<br>data2:%s"%(data1, data2)
Now, this works nicely when running with dev_appserver:
http://localhost/test/hi/there
# returns:
data1:hello
data2:there
and
http://localhost/test/hi%2fho/there
# returns:
data1:hi%2Fho
data2:there
which is what I would expect.
Using the same urls on a deployed version to appengine:
The first one returns the same result
The second one fails, because the %2f gets decoded before the routing to a /, therefore the route does not match the pattern anymore.
My question(s):
Why does appengine (or flask?) decode the url before routing ?
Why is the behavior not consistent between local and deployed appengine ?
Thanks for your help
I created an issue on google's issue tracker, and someone acknowledged it.
I guess we just have to wait now.
I'm trying to deploy a Flask app within Azure, using the pre made template created by Azure.
I can't get a simple...
from flask import Flask
app = Flask(__name__)
#app.route('/')
def hello():
return "Hello World!"
if __name__ == '__main__':
app.run()
To do anything. To simplify further still, even the pre made deployment returns an error...
Clearly I'm misunderstanding something very fundamental here.
Using FTP I can see the files that Azure is creating - sure does look like there should be a nice little demo site.
What am I doing wrong?
Cheers, Ben
According to your description, I think the issue was caused by some incorrect configuration in the web.config & the Application Settings of your WebApp settings. Please try to refer to the blog to resolve it.
Meanwhile, I don't know what pre made template created by Azure you used. I tried to create a new Azure WebApp for Flask as below.
The file list in the wwwroot path in the Kudu tool or FTP shown as below.
Then, I modified the code views.py in the FlaskWebProject1 directory. And it works.
It seems to be more simple. Hope it helps.
I've been figthing the same issue for a while, I have only be able to workaround it by changing the pricing tier associated to the "service plan" to S2 Standard. If I try to use S1 Standard I run into the same issues.
I want to do some web scraping with GAE. (Infinite Campus Student Information Portal, fyi). This service requires you to login to get in the website.
I had some code that worked using mechanize in normal python. When I learned that I couldn't use mechanize in Google App Engine I ended up using urllib2 + ClientForm. I couldn't get it to login to the server, so after a few hours of fiddling with cookie handling I ran the exact same code in a normal python interpreter, and it worked. I found the log file and saw a ton of messages about stripping out the 'host' header in my request... I found the source file on Google Code and the host header was in an 'untrusted' list and removed from all requests by user code.
Apparently GAE strips out the host header, which is required by I.C. to determine which school system to log you in, which is why it appeared like I couldn't login.
How would I get around this problem? I can't specify anything else in my fake form submission to the target site. Why would this be a "security hole" in the first place?
App Engine does not strip out the Host header: it forces it to be an accurate value based on the URI you are requesting. Assuming that URI's absolute, the server isn't even allowed to consider the Host header anyway, per RFC2616:
If Request-URI is an absoluteURI, the host is part of the Request-URI.
Any Host header field value in the
request MUST be ignored.
...so I suspect you're misdiagnosing the cause of your problem. Try directing the request to a "dummy" server that you control (e.g. another very simple app engine app of yours) so you can look at all the headers and body of the request as it comes from your GAE app, vs, how it comes from your "normal python interpreter". What do you observe this way?