Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Direct SSL is not sent to Django

See original GitHub issue

When you start up Daphne with SSL enabled and generate absolute URLs in your Django application, the resulting URLs does not use HTTPS, but HTTP.

This results in unusable URLs.

If you want to know if a request is using ssl, use request.isSecure()

Issue Analytics

State:
Created 6 years ago
Comments:6 (3 by maintainers)

Top GitHub Comments

1reaction

adamoxleycommented, Apr 6, 2017

Hi Andrew,

I know you said this is now fixed in Daphne master (which I assume falls in line with the release tag 1.2.0)

I am having the same issue as JohnDoee above where I access a HTTPS url endpoint, and the URL generated by the Django application is HTTP. I am seeing this when using LimitOffsetPagination and CursorPagination from the Django Rest Framework.

I initially found this issue and upgraded all the packages on the box, below is my pip freeze list.

asgi-redis==1.2.1
asgiref==1.1.1
attrs==16.3.0
autobahn==0.18.1
Automat==0.5.0
boto==2.39.0
channels==1.1.2
constantly==15.1.0
coreapi==2.3.0
coreschema==0.0.4
coverage==4.3.4
daphne==1.2.0
defusedxml==0.4.1
Django==1.10.3
django-cachalot==1.2.0
django-crispy-forms==1.6.0
django-filter==0.12.0
django-queryinspect==0.1.0
django-redis==4.3.0
django-rest-swagger==2.1.0
django-scarface==3.0a8
django-ses==0.8.2
django-storages==1.4
djangorestframework==3.5.3
djangorestframework-xml==1.3.0
ecdsa==0.13
Fabric==1.10.2
filechunkio==1.6
gunicorn==19.4.5
incremental==16.10.1
itypes==1.1.0
Jinja2==2.9.6
MarkupSafe==1.0
msgpack-python==0.4.8
openapi-codec==1.3.1
paramiko==1.16.0
Pillow==3.1.0
psycopg2==2.7.1
pycrypto==2.6.1
python-dateutil==2.6.0
python-memcached==1.57
PyYAML==3.11
redis==2.10.5
requests==2.13.0
simplejson==3.10.0
six==1.10.0
Twisted==17.1.0
txaio==2.6.2
uritemplate==3.0.0
virtualenv==13.1.2
zope.interface==4.3.3

Note: I am not running Channels 1.1.3 since pip could not find this (the release was <24 hours ago when I installed it so it gathered 1.1.2)

The front end applications are disallowed from using HTTP due to restrictions that we have set on the Amazon Web Services box to only allow HTTPS traffic and deny HTTP, so when they use the ‘next’ url generated by Django in pagination, the front end receives a connection refused since it isn’t HTTPS.

Example:

I hit the endpoint on my application https://url.tld/messages which sends back to the front end a set of message objects (paginated) and therefore has a ‘next’ and ‘previous’ URL generated by Django. This generated URL is sent back in ‘next’ (or ‘previous’) as http://url.tld/messages?limit=10&offset=10.

Any help would be appreciated.

0reactions

adamoxleycommented, Apr 12, 2017

Hi Andrew, that worked great thanks a lot!

Top Results From Across the Web

How can you drop an HttpRequest connection in Django ...

I'm writing a Django 1.3 view method which requires TLS/SSL to be used. I want to entirely drop the connection if an HttpRequest...

Trying to make a Django-based site use HTTPS-only, not sure ...

Submit your domain to an SSL Test to check for potential problems (too short key, not using TLSv1.2, using broken protocols, etc.).

Error since added SSL certificate - Google Groups

I eel recently added an SSL certificate to my domain where the application is hosted with Django. Since I setup the SSL certificate...

Sending email | Django documentation

The EMAIL_HOST_USER and EMAIL_HOST_PASSWORD settings, if set, are used to authenticate to the SMTP server, and the EMAIL_USE_TLS and EMAIL_USE_SSL settings ...

http.client — HTTP protocol client — Python 3.11.1 ...

It is normally not used directly — the module urllib.request uses it to h... ... HTTPS support is only available if Python was...