Re: Admin access

[Boaz Sottie]

Check  if you have
{% csrf_token %} in your form

On Tue, Jan 23, 2024, 16:17 Raymond Nsubuga 
wrote:

> I am unable to access my admin site after creating a docker image and
> hosting  my website. It says an issue about the csrf, anyone who has
> encountered the issue can help.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/CAJpDcBQSk3m9_jntJyQOKYB%2BhNHxnfc5R0xft_5A0oUB-m5HpA%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAHDcthW%3DW-o1EBvoxZYTL%3Dtp3ki9-xPvFe%2BEn3P3t3GZ3Xf6fw%40mail.gmail.com.

Re: admin access in https redirect in http

[hiphoox]

Thank you guys!

Graham,

I tried the conf you described and it is working great :)
I'm also found this thread where you also participated and was very
useful:
http://markmail.org/message/62cb2sdj54yey7qz#query:wsgi.url_scheme+page:1+mid:l72acuzuldfpmbdw+state:results

Kenneth,

thanks for the link, I'm going to evaluate some of those hosting
services.

Regards,

Norberto Ortigoza

On Jun 21, 10:11 pm, Kenneth Gonsalves  wrote:
> On Monday 22 June 2009 07:32:41 hiphoox wrote:
>
> > Could you recommend me any VPS?
> > I still have the option to move to another one.
>
> look at djangofriendly.com
> --
> regards
> kghttp://lawgon.livejournal.com
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: admin access in https redirect in http

[Kenneth Gonsalves]

On Monday 22 June 2009 07:32:41 hiphoox wrote:
> Could you recommend me any VPS?
> I still have the option to move to another one.

look at djangofriendly.com
-- 
regards
kg
http://lawgon.livejournal.com

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: admin access in https redirect in http

[Graham Dumpleton]

SliceHost is always popular.

On Jun 22, 12:02 pm, hiphoox  wrote:
> Thanks a lot for your answer Graham.
>
> Could you recommend me any VPS?
> I still have the option to move to another one.
>
> Thanks,
>
> Norberto Ortigoza
>
> On Jun 21, 7:03 pm, Graham Dumpleton 
> wrote:
>
>
>
> > On Jun 21, 11:24 pm, hiphoox  wrote:
>
> > > Sorry about that,
>
> > > let me describe my current configuration
>
> > > I'm using webfaction hosting
>
> > > I created two applications:
>
> > > 1. A Django (trunk)/mod_wsgi (2.0)/Python (2.5) one.
>
> > I really wish WebFaction would stop offering such an old version of
> > mod_wsgi. The current version is 2.5 with both 2.6 and 3.0 not far
> > away.
>
> > Anyway, from my understanding of how WebFaction works, the issue is
> > that WebFaction uses another front end server to actually accept
> > requests. It is that other server which handles the HTTPS requests.
> > The request as it is proxied through to your server is only HTTP.
> > Because this occurs, the back end server only knows about the request
> > being HTTP and that HTTPS was used on front end server has been lost.
> > This means that WSGI environment variable 'wsgi.url_scheme' is always
> > being set to 'http', stuffing up any URL reconstruction being done in
> > the Django application.
>
> > If one was using nginx as the front end server and had control over
> > it, you would setup nginx to pass across a special header which
> > indicates whether HTTPS was originally used. There is no
> > standarisation on what header should be used or what it should be set
> > to. Adding some inbuilt mechanism to deal with this in mod_wsgi has
> > been looked up, but was abandoned because of the lack of
> > standarisation. See:
>
> >  http://code.google.com/p/modwsgi/issues/detail?id=133
>
> > Anyway, one way which is also understood by Paste is to use in nginx
> > configuration:
>
> >   proxy_set_header X-Forwarded-Scheme $scheme;
>
> > In your WSGI script file, you would then use:
>
> >   import os, sys
> >   sys.path.append('/usr/local/django')
> >   os.environ['DJANGO_SETTINGS_MODULE'] = 'mysite.settings'
>
> >   import django.core.handlers.wsgi
>
> >   _application = django.core.handlers.wsgi.WSGIHandler()
>
> >   def application(environ, start_response):
> >     environ['wsgi.url_scheme'] = environ.get
> > ('HTTP_X_FORWARDED_SCHEME', 'http')
> >     return _application(environ, start_response)
>
> > In other words, use a WSGI wrapper application to update
> > 'wsgi.url_scheme' based on the value of the passed header.
>
> > At this point you are going to have to ask the WebFaction people
> > whether they pass any special header through which indicates whether
> > original request used HTTPS or not and customise above as appropriate.
>
> > If they don't provide a way of getting that information, I'd really
> > suggest you move to a proper VPS where you can control everything
> > yourself.
>
> > Graham
>
> > > 2. A Symbolic link to static one to deliver static resources for
> > > admin_media
>
> > > my http.conf has the following info:
>
> > > +++
> > > +
> > > ServerRoot "/home/experior/webapps/django_trunk/apache2"
>
> > > LoadModule dir_module modules/mod_dir.so
> > > LoadModule env_module modules/mod_env.so
> > > LoadModule log_config_module modules/mod_log_config.so
> > > LoadModule mime_module modules/mod_mime.so
> > > LoadModule rewrite_module modules/mod_rewrite.so
> > > LoadModule wsgi_module modules/mod_wsgi.so
>
> > > KeepAlive Off
> > > Listen 8311
> > > LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\"
> > > \"%{User-Agent}i\"" combined
> > > CustomLog logs/access_log combined
> > > ServerLimit 2
>
> > > WSGIScriptAliasMatch ^/([^/]+) /home/experior/webapps/django_trunk/$1/
> > > apache/django.wsgi
> > > +++
> > > +
>
> > > The django.wsgi has:
>
> > > +++
> > > +
> > > import os
> > > import sys
>
> > > sys.path = ['/home/experior/webapps/django_trunk', '/home/experior/
> > > webapps/django_trunk/lib/python2.5'] + sys.path
> > > sys.path.append('/home/experior/webapps/django_trunk/experior/')
>
> > > from django.core.handlers.wsgi import WSGIHandler
>
> > > os.environ['DJANGO_SETTINGS_MODULE'] = 'experior.settings'
> > > application = WSGIHandler()
> > > +++
> > > +
>
> > > Please let me know if you need more info.
>
> > > Best regards,
>
> > > On Jun 20, 11:11 pm, Graham Dumpleton 
> > > wrote:
>
> > > > Any solution may be dependent on how Django was being hosted. Neither
> > > > of you have actually said how you were hosting Django. Even if OP
> > > 

Re: admin access in https redirect in http

[hiphoox]

Thanks a lot for your answer Graham.

Could you recommend me any VPS?
I still have the option to move to another one.

Thanks,

Norberto Ortigoza

On Jun 21, 7:03 pm, Graham Dumpleton 
wrote:
> On Jun 21, 11:24 pm, hiphoox  wrote:
>
> > Sorry about that,
>
> > let me describe my current configuration
>
> > I'm using webfaction hosting
>
> > I created two applications:
>
> > 1. A Django (trunk)/mod_wsgi (2.0)/Python (2.5) one.
>
> I really wish WebFaction would stop offering such an old version of
> mod_wsgi. The current version is 2.5 with both 2.6 and 3.0 not far
> away.
>
> Anyway, from my understanding of how WebFaction works, the issue is
> that WebFaction uses another front end server to actually accept
> requests. It is that other server which handles the HTTPS requests.
> The request as it is proxied through to your server is only HTTP.
> Because this occurs, the back end server only knows about the request
> being HTTP and that HTTPS was used on front end server has been lost.
> This means that WSGI environment variable 'wsgi.url_scheme' is always
> being set to 'http', stuffing up any URL reconstruction being done in
> the Django application.
>
> If one was using nginx as the front end server and had control over
> it, you would setup nginx to pass across a special header which
> indicates whether HTTPS was originally used. There is no
> standarisation on what header should be used or what it should be set
> to. Adding some inbuilt mechanism to deal with this in mod_wsgi has
> been looked up, but was abandoned because of the lack of
> standarisation. See:
>
>  http://code.google.com/p/modwsgi/issues/detail?id=133
>
> Anyway, one way which is also understood by Paste is to use in nginx
> configuration:
>
>   proxy_set_header X-Forwarded-Scheme $scheme;
>
> In your WSGI script file, you would then use:
>
>   import os, sys
>   sys.path.append('/usr/local/django')
>   os.environ['DJANGO_SETTINGS_MODULE'] = 'mysite.settings'
>
>   import django.core.handlers.wsgi
>
>   _application = django.core.handlers.wsgi.WSGIHandler()
>
>   def application(environ, start_response):
>     environ['wsgi.url_scheme'] = environ.get
> ('HTTP_X_FORWARDED_SCHEME', 'http')
>     return _application(environ, start_response)
>
> In other words, use a WSGI wrapper application to update
> 'wsgi.url_scheme' based on the value of the passed header.
>
> At this point you are going to have to ask the WebFaction people
> whether they pass any special header through which indicates whether
> original request used HTTPS or not and customise above as appropriate.
>
> If they don't provide a way of getting that information, I'd really
> suggest you move to a proper VPS where you can control everything
> yourself.
>
> Graham
>
>
>
> > 2. A Symbolic link to static one to deliver static resources for
> > admin_media
>
> > my http.conf has the following info:
>
> > +++
> > +
> > ServerRoot "/home/experior/webapps/django_trunk/apache2"
>
> > LoadModule dir_module modules/mod_dir.so
> > LoadModule env_module modules/mod_env.so
> > LoadModule log_config_module modules/mod_log_config.so
> > LoadModule mime_module modules/mod_mime.so
> > LoadModule rewrite_module modules/mod_rewrite.so
> > LoadModule wsgi_module modules/mod_wsgi.so
>
> > KeepAlive Off
> > Listen 8311
> > LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\"
> > \"%{User-Agent}i\"" combined
> > CustomLog logs/access_log combined
> > ServerLimit 2
>
> > WSGIScriptAliasMatch ^/([^/]+) /home/experior/webapps/django_trunk/$1/
> > apache/django.wsgi
> > +++
> > +
>
> > The django.wsgi has:
>
> > +++
> > +
> > import os
> > import sys
>
> > sys.path = ['/home/experior/webapps/django_trunk', '/home/experior/
> > webapps/django_trunk/lib/python2.5'] + sys.path
> > sys.path.append('/home/experior/webapps/django_trunk/experior/')
>
> > from django.core.handlers.wsgi import WSGIHandler
>
> > os.environ['DJANGO_SETTINGS_MODULE'] = 'experior.settings'
> > application = WSGIHandler()
> > +++
> > +
>
> > Please let me know if you need more info.
>
> > Best regards,
>
> > On Jun 20, 11:11 pm, Graham Dumpleton 
> > wrote:
>
> > > Any solution may be dependent on how Django was being hosted. Neither
> > > of you have actually said how you were hosting Django. Even if OP
> > > worked it out, his solution may not be relevant to use due to you
> > > hosting it differently.
>
> > > Graham
>
> > > On Jun 21, 1:50 pm, hiphoox  wrote:
>
> > > > Hi,
>
> > > > I have exactly the same problem. Did you get any way to resolve it?
>
> > > > 

Re: admin access in https redirect in http

[Graham Dumpleton]

On Jun 21, 11:24 pm, hiphoox  wrote:
> Sorry about that,
>
> let me describe my current configuration
>
> I'm using webfaction hosting
>
> I created two applications:
>
> 1. A Django (trunk)/mod_wsgi (2.0)/Python (2.5) one.

I really wish WebFaction would stop offering such an old version of
mod_wsgi. The current version is 2.5 with both 2.6 and 3.0 not far
away.

Anyway, from my understanding of how WebFaction works, the issue is
that WebFaction uses another front end server to actually accept
requests. It is that other server which handles the HTTPS requests.
The request as it is proxied through to your server is only HTTP.
Because this occurs, the back end server only knows about the request
being HTTP and that HTTPS was used on front end server has been lost.
This means that WSGI environment variable 'wsgi.url_scheme' is always
being set to 'http', stuffing up any URL reconstruction being done in
the Django application.

If one was using nginx as the front end server and had control over
it, you would setup nginx to pass across a special header which
indicates whether HTTPS was originally used. There is no
standarisation on what header should be used or what it should be set
to. Adding some inbuilt mechanism to deal with this in mod_wsgi has
been looked up, but was abandoned because of the lack of
standarisation. See:

  http://code.google.com/p/modwsgi/issues/detail?id=133

Anyway, one way which is also understood by Paste is to use in nginx
configuration:

  proxy_set_header X-Forwarded-Scheme $scheme;

In your WSGI script file, you would then use:

  import os, sys
  sys.path.append('/usr/local/django')
  os.environ['DJANGO_SETTINGS_MODULE'] = 'mysite.settings'

  import django.core.handlers.wsgi

  _application = django.core.handlers.wsgi.WSGIHandler()

  def application(environ, start_response):
environ['wsgi.url_scheme'] = environ.get
('HTTP_X_FORWARDED_SCHEME', 'http')
return _application(environ, start_response)

In other words, use a WSGI wrapper application to update
'wsgi.url_scheme' based on the value of the passed header.

At this point you are going to have to ask the WebFaction people
whether they pass any special header through which indicates whether
original request used HTTPS or not and customise above as appropriate.

If they don't provide a way of getting that information, I'd really
suggest you move to a proper VPS where you can control everything
yourself.

Graham

> 2. A Symbolic link to static one to deliver static resources for
> admin_media
>
> my http.conf has the following info:
>
> +++
> +
> ServerRoot "/home/experior/webapps/django_trunk/apache2"
>
> LoadModule dir_module modules/mod_dir.so
> LoadModule env_module modules/mod_env.so
> LoadModule log_config_module modules/mod_log_config.so
> LoadModule mime_module modules/mod_mime.so
> LoadModule rewrite_module modules/mod_rewrite.so
> LoadModule wsgi_module modules/mod_wsgi.so
>
> KeepAlive Off
> Listen 8311
> LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\"
> \"%{User-Agent}i\"" combined
> CustomLog logs/access_log combined
> ServerLimit 2
>
> WSGIScriptAliasMatch ^/([^/]+) /home/experior/webapps/django_trunk/$1/
> apache/django.wsgi
> +++
> +
>
> The django.wsgi has:
>
> +++
> +
> import os
> import sys
>
> sys.path = ['/home/experior/webapps/django_trunk', '/home/experior/
> webapps/django_trunk/lib/python2.5'] + sys.path
> sys.path.append('/home/experior/webapps/django_trunk/experior/')
>
> from django.core.handlers.wsgi import WSGIHandler
>
> os.environ['DJANGO_SETTINGS_MODULE'] = 'experior.settings'
> application = WSGIHandler()
> +++
> +
>
> Please let me know if you need more info.
>
> Best regards,
>
> On Jun 20, 11:11 pm, Graham Dumpleton 
> wrote:
>
>
>
> > Any solution may be dependent on how Django was being hosted. Neither
> > of you have actually said how you were hosting Django. Even if OP
> > worked it out, his solution may not be relevant to use due to you
> > hosting it differently.
>
> > Graham
>
> > On Jun 21, 1:50 pm, hiphoox  wrote:
>
> > > Hi,
>
> > > I have exactly the same problem. Did you get any way to resolve it?
>
> > > Regards,
>
> > > Norberto Ortigoza
>
> > > On Jun 12, 9:54 am, Francis  wrote:
>
> > > > Hi folks,
>
> > > > I have set to instance of my server, one serving in http with admin
> > > > disable and another one accessible throu https with admin enable.
>
> > > > But this config cause me some trouble, each time I save something in
> > > > the administration interface, it redirect me to http instead of https.
> 

Re: admin access in https redirect in http

[hiphoox]

Sorry about that,

let me describe my current configuration

I'm using webfaction hosting

I created two applications:

1. A Django (trunk)/mod_wsgi (2.0)/Python (2.5) one.
2. A Symbolic link to static one to deliver static resources for
admin_media

my http.conf has the following info:

+++
+
ServerRoot "/home/experior/webapps/django_trunk/apache2"

LoadModule dir_module modules/mod_dir.so
LoadModule env_module modules/mod_env.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule wsgi_module modules/mod_wsgi.so

KeepAlive Off
Listen 8311
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\"
\"%{User-Agent}i\"" combined
CustomLog logs/access_log combined
ServerLimit 2

WSGIScriptAliasMatch ^/([^/]+) /home/experior/webapps/django_trunk/$1/
apache/django.wsgi
+++
+


The django.wsgi has:

+++
+
import os
import sys

sys.path = ['/home/experior/webapps/django_trunk', '/home/experior/
webapps/django_trunk/lib/python2.5'] + sys.path
sys.path.append('/home/experior/webapps/django_trunk/experior/')

from django.core.handlers.wsgi import WSGIHandler

os.environ['DJANGO_SETTINGS_MODULE'] = 'experior.settings'
application = WSGIHandler()
+++
+


Please let me know if you need more info.

Best regards,

On Jun 20, 11:11 pm, Graham Dumpleton 
wrote:
> Any solution may be dependent on how Django was being hosted. Neither
> of you have actually said how you were hosting Django. Even if OP
> worked it out, his solution may not be relevant to use due to you
> hosting it differently.
>
> Graham
>
> On Jun 21, 1:50 pm, hiphoox  wrote:
>
>
>
> > Hi,
>
> > I have exactly the same problem. Did you get any way to resolve it?
>
> > Regards,
>
> > Norberto Ortigoza
>
> > On Jun 12, 9:54 am, Francis  wrote:
>
> > > Hi folks,
>
> > > I have set to instance of my server, one serving in http with admin
> > > disable and another one accessible throu https with admin enable.
>
> > > But this config cause me some trouble, each time I save something in
> > > the administration interface, it redirect me to http instead of https.
> > > (which throw 404)
>
> > > Is there something I can set to tell the admin site to redirect to
> > > https?
>
> > > Thank you
>
> > > Francis
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: admin access in https redirect in http

[Graham Dumpleton]

Any solution may be dependent on how Django was being hosted. Neither
of you have actually said how you were hosting Django. Even if OP
worked it out, his solution may not be relevant to use due to you
hosting it differently.

Graham

On Jun 21, 1:50 pm, hiphoox  wrote:
> Hi,
>
> I have exactly the same problem. Did you get any way to resolve it?
>
> Regards,
>
> Norberto Ortigoza
>
> On Jun 12, 9:54 am, Francis  wrote:
>
>
>
> > Hi folks,
>
> > I have set to instance of my server, one serving in http with admin
> > disable and another one accessible throu https with admin enable.
>
> > But this config cause me some trouble, each time I save something in
> > the administration interface, it redirect me to http instead of https.
> > (which throw 404)
>
> > Is there something I can set to tell the admin site to redirect to
> > https?
>
> > Thank you
>
> > Francis
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: admin access in https redirect in http

[hiphoox]

Hi,

I have exactly the same problem. Did you get any way to resolve it?

Regards,

Norberto Ortigoza

On Jun 12, 9:54 am, Francis  wrote:
> Hi folks,
>
> I have set to instance of my server, one serving in http with admin
> disable and another one accessible throu https with admin enable.
>
> But this config cause me some trouble, each time I save something in
> the administration interface, it redirect me to http instead of https.
> (which throw 404)
>
> Is there something I can set to tell the admin site to redirect to
> https?
>
> Thank you
>
> Francis

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---