4

I have a Django ecommerce site running, and have purchases and installed an SSL cert for it.

I have added a VirtualHost entry: 

<VirtualHost *:443> #Basic setup ServerAdmin [email protected] ServerName test.com ServerAlias www.test.com Alias /media/admin/ /home/test/public_html/test/release/env/lib/python2.6/dist-packages/django/contrib/admin/media/ Alias /static/ /home/test/public_html/test/release/static/ Alias /media/ /home/test/public_html/test/release/media/ <Directory /home/test/public_html/test/release/> Order deny,allow Allow from all </Directory> RewriteEngine On LogLevel warn ErrorLog /home/test/public_html/test/logs/error.log CustomLog /home/test/public_html/test/logs/access.log combined WSGIDaemonProcess test user=www-data group=www-data threads=20 processes=2 WSGIProcessGroup test_ssl WSGIScriptAlias / /home/test/public_html/test/release/apache/test.wsgi SSLEngine On SSLCertificateFile /etc/apache2/ssl/test.com.crt SSLCertificateChainFile /etc/apache2/ssl/gs_root.pem SSLCertificateKeyFile /etc/apache2/ssl/www.test.com.key </VirtualHost>

Here is the urls.py file:

from django.conf.urls.defaults import patterns, include, url from django.contrib import admin from django.conf import settings from gallery.models import LOCATIONS, Photo admin.autodiscover() from satchmo_store.urls import urlpatterns as satchmo_urls from satchmo_store.shop.views.sitemaps import sitemaps from cms.sitemaps import CMSSitemap sitemaps['pages'] = CMSSitemap urlpatterns = patterns('', url(r'^admin/', include(admin.site.urls)), url(r'^search/', include('haystack.urls')), # Include satchmo urls. Unfortunately, this also includes it's own # /admin/ and everything else. url(r'^shop/', include(satchmo_urls)), url(r'^sitemap\.xml/?$', 'django.contrib.sitemaps.views.sitemap', {'sitemaps': sitemaps}), url(r'events/gallery/(.*)/(.*)/$', 'gallery.views.events_image'), url(r'locations/view-all/(.*)/$', 'gallery.views.locations_image'), url(r'locations/view-all/$', 'gallery.views.locations_view_all',{ 'queryset':Photo.objects.filter(gallery__category=LOCATIONS).distinct()}), url(r'^contact-us/', include('contact_form.urls')), url(r'^', include('cms.urls')), ) if settings.DEBUG: urlpatterns = patterns('', (r'^media/(?P<path>.*)$', 'django.views.static.serve', {'document_root': settings.MEDIA_ROOT}), (r'^static/(?P<path>.*)$', 'django.views.static.serve', {'document_root': settings.STATIC_ROOT}), (r'^404/$', 'django.views.defaults.page_not_found'), (r'^500/$', 'django.views.defaults.server_error'), ) + urlpatterns

There is also a conf for non ssl which is working fine.

Whenever I request the HTTPS version of the site, I get a 302 header response which redirects to the HTTP version.

There are no redirects in the apache conf that explicitly state go to port 80.

Ive been banging my head against this for a while, any help would be great!

Thanks

Improve this question
2
  • Is there anything in cms/urls.py that redirects? Commented Feb 1, 2012 at 22:18
  • We're using DjangoCMS- nothing in there.... Commented Feb 2, 2012 at 9:48

3 Answers 3

Reset to default
8

You probably already fixed it and it could be an entirely different problem, but I just came across something that sounds somewhat similar and as I did not find an answer that addressed your issue, I thought it might be worth to post a reply (despite I was having a 301 and you a 302).

I am running a Django site (Django 1.6.1) with gunicorn behind nginx. So nginx does the SSL. The environment variable HTTPS is set to on.

When I set up a test server without an http-to-https redirect, I noticed that some requests end up being redirected to an http address - similar to what you describe, but in my case it was just for one particular link. After looking into the request and response headers, I found out: The initial request https://example.org/test got redirected by Django/gunicorn with 301 MOVED PERMANENTLY to http://exmaple.org/test/. nginx then responded with 400 Bad Request - The plain HTTP request was sent to HTTPS port.

Quickly I came across a setting I had not paid much attention to before: APPEND_SLASH (https://docs.djangoproject.com/en/1.6/ref/settings/#std:setting-APPEND_SLASH) with the default value True.

After adding APPEND_SLASH = False to my settings.py file, a request to https://example.org/test resulted in a 404 NOT FOUND response, without a redirect to http. So it seems that APPEND_SLASH does not respect the HTTP environment variable setting - I guess configuring SECURE_PROXY_SSL_HEADER (https://docs.djangoproject.com/en/1.6/ref/settings/#std:setting-SECURE_PROXY_SSL_HEADER) would solve this, I have not tested it yet.

By the way, the reason for that "faulty" link in my case was a hard-coded link in a template. The easy way to avoid links like that is using the built-in {% url ... %} template tag (https://docs.djangoproject.com/en/1.6/ref/templates/builtins/#url [sorry, I could not make this link clickable because I don't have "at least 10 reputation"...]).

Perhaps this helps you or anyone else who wonders why Django sometimes redirects from https to http.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Setting SECURE_PROXY_SSL_HEADER fixed this for me.
I set SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https'), but the redirect to HTTP still happens in some cases. I'm using Django 1.6.5 and deploying on AWS behind a load balancer that "proxies" HTTPS to non-HTTPS. I need APPEND_SLASH, unfortunately.
If you set the HTTP_X_FORWARDED_PROTO and configured your web server correctly, it should usually work. Perhaps the load balancer messes around with the headers?
1

I know this is an old question but I have just spent hours searching for a solution to an identical problem so I thought I would post what I eventually worked out here. I was using Satchmo as the original poster was, It has a middleware class satchmo_store.shop.SSLMiddleware.SSLRedirect which by default sends a redirect exactly as described in the original question from https to http with a 302 header response. Commenting the line in MIDDLEWARE_CLASSES fixes the problem and may be OK if anyone wants to run completely over https but the documentation http://satchmo.readthedocs.org/en/latest/configuration.html#ssl explains how to use it properly which is what I am going to try to do.

Improve this answer

Comments

0

Only thing that I can think of is your site setting in the database. If you put an explicit port number in your Site object... Could you take a look in your admin?

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.