#33293: Wrong redirect behind reverse proxy -------------------------------+-------------------------------------- Reporter: Rodolphe | Owner: nobody Type: Uncategorized | Status: closed Component: contrib.admin | Version: 3.0 Severity: Normal | Resolution: invalid Keywords: | Triage Stage: Unreviewed Has patch: 0 | Needs documentation: 0 Needs tests: 0 | Patch needs improvement: 0 Easy pickings: 0 | UI/UX: 0 -------------------------------+--------------------------------------
Comment (by Keryn Knight): Whilst this isn't a support channel, I'll add some possibly helpful information below as a courtesy, and because who knows who else might stumble across this in the future. If your httpd (or whatever; could be a wsgi middleware etc) sets `SCRIPT_NAME` and `PATH_INFO` to the correct values, ''and'' (maybe; it's been a while) the setting [https://docs.djangoproject.com/en/3.2/ref/settings/#force-script-name FORCE_SCRIPT_NAME] to the prefix, anything that goes through `reverse`/`resolve` in terms of generated URLs (for `Location` redirects etc) should end up with the correct values. e.g. `return HttpResponseRedirect(reverse('admin:index', ...))` would be prefixed, but `return HttpResponseRedirect('/admin/')` would not. For transparent reverse-proxying of all URLs AFAIK you'd need further co- operation from either the WSGI publisher (e.g. [https://docs.pylonsproject.org/projects/waitress/en/latest/reverse- proxy.html?highlight=url_prefix#using-url-prefix-to-influence-script-name- and-path-info See the waitress docs for their support]) or the fronting httpd (e.g. [https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxypassreverse see Apache's ProxyPassReverse]) Please note also this gentle reminder that you should ''not'' be using runserver in anything ostensibly like "production" - you should be using something designed for the purposes, such as gunicorn/uwsgi/mod_wsgi/waitress/bjoern/meinheld. -- Ticket URL: <https://code.djangoproject.com/ticket/33293#comment:4> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-updates+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-updates/072.7af1d310f34d0d8a261e12e017e1af2b%40djangoproject.com.