Geek Answers Handbook

How to set django rest frame break url

when i get the object in django rest framework urls always comes absolute with localhost, but when creating im proxy on nginx is there any way to set this url in settings

Example

count: 11 next: "http://localhost:8000/api/accounts/?ordering=-date_registered&page=2" previous: null

I need it to be

 count: 11 next: "http:/example.com/api/accounts/?ordering=-date_registered&page=2" previous: null

---------- edit --------------------------

see my full nginx configuration

 server { listen 80; server_name 123.123.123.123; root /home/admin/www/site-web/dist; index index.html; charset utf-8; location /static/ { alias /home/admin/www/site/static/; } location /media/ { alias /home/admin/www/site/media/; } location /nginx_status/ { # Turn on nginx stats stub_status on; # I do not need logs for stats access_log off; # Security: Only allow access from 192.168.1.100 IP # # allow 192.168.1.100; # Send rest of the world to /dev/null # # deny all; } location / { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; try_files $uri $uri/ /index.html; if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' '*'; # # Om nom nom cookies # add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; # # Custom headers and headers various browsers *should* be OK with but aren't # add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; # # Tell client that this pre-flight info is valid for 20 days # add_header 'Access-Control-Max-Age' 1728000; add_header 'Content-Type' 'text/plain charset=UTF-8'; add_header 'Content-Length' 0; return 204; } if ($request_method = 'POST') { add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; } if ($request_method = 'GET') { add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; } } location /docs/ { proxy_pass http://127.0.0.1:8000/docs/; break; } location /api/ { underscores_in_headers on; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://127.0.0.1:8000/api/; break; } location /admin/ { proxy_pass http://127.0.0.1:8000/admin/; break; } }

==== super edit ====

Sorry guys, I had "underscores_in_headers"; I deleted it and everything works

=================

+4
source share
2 answers

Set USE_X_FORWARDED_HOST in your settings to True and make sure that you transfer it along with your web server (proxy).

When django does build_absolute_uri() , it calls get_host() - see below in django.http.request:

 def get_host(self): """Returns the HTTP host using the environment or request headers.""" # We try three options, in order of decreasing preference. if settings.USE_X_FORWARDED_HOST and ( 'HTTP_X_FORWARDED_HOST' in self.META): host = self.META['HTTP_X_FORWARDED_HOST'] ...

See Real Use of the X-Forwarded-Host Header?

+3
source

It looks like your Host header is not configured correctly, which will be a problem in your nginx configuration. The problem is that your submitted Host header contains the port number, so Django includes the port number when building the URLs. This will cause future problems with CSRF because CSRF checks strict port checking when you are not debugging.

This is known to cause SSL issues for the same reasons.

You can fix this by setting the Host header in Nginx to not include the proxied port.

 proxy_set_header Host $http_host;

Note that instead of $host or $host:$server_port I used the $http_host variable. This ensures that Django will still respect CSRF requests on non-standard ports, while maintaining the correct absolute URLs.

+4
source

More articles:


All Articles