Search Results

Search found 3640 results on 146 pages for 'django csrf'.

Page 94/146 | < Previous Page | 90 91 92 93 94 95 96 97 98 99 100 101  | Next Page >

  • Permission issue for apache

    - by Aamir Adnan
    Environment Details: Amazon Ec2 Ubuntu 12.04 Django + mod_wsgi + python 2.6 web server: apache2 I have mounted a 10GB ebs volume to an instance to /mnt/ebs1/. After mounting the volume and formatting, I have placed all my project files in /mnt/ebs1/project. the wsgi file is in /mnt/ebs1/project/apache/django.wsgi. The content of wsgi file is: import os, sys sys.path.insert(0, '/mnt/ebs1/project') sys.path.insert(1, '/mnt/ebs1') os.environ['DJANGO_SETTINGS_MODULE'] = 'project.configs.common.settings' import django.core.handlers.wsgi application = django.core.handlers.wsgi.WSGIHandler() My httpd.conf file looks as: LoadModule wsgi_module /usr/lib/apache2/modules/mod_wsgi.so WSGIPythonHome /usr/bin/python2.6 WSGIScriptAlias / /mnt/ebs1/project/apache/django.wsgi <Directory /mnt/ebs1/project> Order allow,deny Allow from all </Directory> <Directory /mnt/ebs1/project/apache> Order allow,deny Allow from all </Directory> Alias /static/ /mnt/ebs1/project/static/ <Directory /mnt/ebs1/project/static> Order deny,allow Allow from all </Directory> The above configurations gives me Forbidden: You don't have permission to access / on this server. I tried to find the user which is running apache using ps aux which is www-data and has group www-data. I have tried to change the ownership of /mnt/ebs1 and its subdirectories using chown -R www-data:www-data /mnt/ebs1 but that still does not solve the problem. Can any one tell me what I am doing wrong or have missed?

    Read the article

  • Protect all XML-RPC calls with HTTP basic auth but one

    - by bodom_lx
    I set up a Django project for smartphone serving XML-RPC methods over HTTPS and using basic auth. All XML-RPC methods require username and password. I would like to implement a XML-RPC method to provide registration to the system. Obviously, this method should not require username and password. The following is the Apache conf section responsible for basic auth: <Location /RPC2> AuthType Basic AuthName "Login Required" Require valid-user AuthBasicProvider wsgi WSGIAuthUserScript /path/to/auth.wsgi </Location> This is my auth.wsgi: import os import sys sys.stdout = sys.stderr sys.path.append('/path/to/project') os.environ['DJANGO_SETTINGS_MODULE'] = 'project.settings' from django.contrib.auth.models import User from django import db def check_password(environ, user, password): """ Authenticates apache/mod_wsgi against Django's auth database. """ db.reset_queries() kwargs = {'username': user, 'is_active': True} try: # checks that the username is valid try: user = User.objects.get(**kwargs) except User.DoesNotExist: return None # verifies that the password is valid for the user if user.check_password(password): return True else: return False finally: db.connection.close() There are two dirty ways to achieve my aim with current situation: Have a dummy username/password to be used when trying to register to the system Have a separate Django/XML-RPC application on another URL (ie: /register) that is not protected by basic auth Both of them are very ugly, as I would also like to define a standard protocol to be used for services like mine (it's an open Dynamic Ridesharing Architecture) Is there a way to unprotect a single XML-RPC call (ie. a defined POST request) even if all XML-RPC calls over /RPC2 are protected?

    Read the article

  • Protect all XML-RPC calls with HTTP basic auth but one

    - by bodom_lx
    I set up a Django project for smartphone serving XML-RPC methods over HTTPS and using basic auth. All XML-RPC methods require username and password. I would like to implement a XML-RPC method to provide registration to the system. Obviously, this method should not require username and password. The following is the Apache conf section responsible for basic auth: <Location /RPC2> AuthType Basic AuthName "Login Required" Require valid-user AuthBasicProvider wsgi WSGIAuthUserScript /path/to/auth.wsgi </Location> This is my auth.wsgi: import os import sys sys.stdout = sys.stderr sys.path.append('/path/to/project') os.environ['DJANGO_SETTINGS_MODULE'] = 'project.settings' from django.contrib.auth.models import User from django import db def check_password(environ, user, password): """ Authenticates apache/mod_wsgi against Django's auth database. """ db.reset_queries() kwargs = {'username': user, 'is_active': True} try: # checks that the username is valid try: user = User.objects.get(**kwargs) except User.DoesNotExist: return None # verifies that the password is valid for the user if user.check_password(password): return True else: return False finally: db.connection.close() There are two dirty ways to achieve my aim with current situation: Have a dummy username/password to be used when trying to register to the system Have a separate Django/XML-RPC application on another URL (ie: /register) that is not protected by basic auth Both of them are very ugly, as I would also like to define a standard protocol to be used for services like mine (it's an open Dynamic Ridesharing Architecture) Is there a way to unprotect a single XML-RPC call (ie. a defined POST request) even if all XML-RPC calls over /RPC2 are protected?

    Read the article

  • My jquery AJAX POST requests works without sending an Authenticity Token (Rails)

    - by dchua
    Hi all, Is there any provisions in rails that would allow all AJAX POST requests from the site to pass without an authenticity_token? I have a Jquery POST ajax call that calls a controller method, but I did not put any authenticity code in it and yet the call succeeds. My ApplicationController does have 'request_forgery_protection' and I've changed config.action_controller.consider_all_requests_local to false in my environments/development.rb I've also searched my code to ensure that I was not overloading ajaxSend to send out authenticity tokens. Is there some mechanism in play that disables the check? Now I'm not sure if my CSRF protection is working or not. I'm using Rails 2.3.5.

    Read the article

  • For securing forms, when do I issue the token?

    - by AQuestionADayKeepsTheDrAway
    So, I have a form, to make it a little more secure and potentially help prevent CSRF attacks I want to add a random token value in a hidden field that value is also stored server side in my session data. When should I issue a new token? Per form? Per page load where there is any form? Per session? I can render it invalid as soon as a form is successfully submitted but I'm wondering when to generate one. I ask as if I issue it per form or per page do I not risk the chance of a duplicate token value overwriting the existing (valid) token if a user opens a separate window but submitting the first form (with the now overwritten value)?

    Read the article

  • Unexplained Django error. Diagnosis anyone?

    - by colorfulgrayscale
    I have a django project I keep on github. It worked perfectly fine on my laptop. I downloaded it on my desktop and tried to "python manage.py runserver" or even "python manage.py shell" I get a Error: No module named messages No other messages, no stack trace, nothing..Anyone have any idea whats going on? Thanks.

    Read the article

  • Why is mod_wsgi not able to write data? IOError: failed to write data

    - by BryanWheelock
    What could be causing this error: $ sudo tail -n 100 /var/log/apache2/error.log' [Wed Dec 29 15:20:03 2010] [error] [client 220.181.108.181] mod_wsgi (pid=20343): Exception occurred processing WSGI script '/home/username/public_html/idm.wsgi'. [Wed Dec 29 15:20:03 2010] [error] [client 220.181.108.181] IOError: failed to write data Here is the WSGI script: $ cat public_html/idm.wsgi import os import sys sys.path.append('/home/username/public_html/IDM_app/') os.environ['DJANGO_SETTINGS_MODULE'] = 'settings' import django.core.handlers.wsgi application = django.core.handlers.wsgi.WSGIHandler() Why would Django not be able to write data? I'm running Django 1.2.4

    Read the article

  • running python script with cron

    - by paulo
    hey guys, im trying to run a python script after every 5 minutes using cron, inside the script is a django import import django when running the crontab i get mailed the following error ImportError: No module named django this is what the crontab file looks like: [email protected] */5 * * * * /usr/bin/python /Users/paulo/Desktop/ashtanga/ping/sender.py do anyone of you know whats causing this ? btw i do have django insalled version 1.2, python 2.6, and MacOX 10.6

    Read the article

  • why my code error,about serve the static file using django..

    - by zjm1126
    my settings.py: DIRNAME = os.path.dirname(__file__) STATIC_DOC_ROOT = os.path.join(DIRNAME, 'media') MEDIA_URL = '/media/' my urls.py: def google(request): return render_to_response('a.html',context_instance=RequestContext(request)) urlpatterns = patterns('', (r'^$',google), (r'^media/(?P<path>.*)$', 'django.views.static.serve',{'document_root':settings.STATIC_DOC_ROOT,'show_indexes': True}), ) and my a.html is: <script type="text/javascript" src="/media/jquery-1.4.2.js"></script> <script type="text/javascript"> alert($) </script> but,it can't defiend the '$' why ? thanks

    Read the article

  • Django-imagekit: how to reduce image quality with a preprocessor_spec ?

    - by pierre-guillaume-degans
    Hi, please excuse me for my ugly english :p I've created this simple model class, with a Preprocessor to reduce my photos'quality (the photos'extension is .JPG): from django.db import models from imagekit.models import ImageModel from imagekit.specs import ImageSpec from imagekit import processors class Preprocessor(ImageSpec): quality = 50 processors = [processors.Format] class Picture(ImageModel): image = models.ImageField(upload_to='pictures') class IKOptions: preprocessor_spec = Preprocessor The problem : pictures'quality are not reduced. :( Any idea to fix it ? Thank you very much ;)

    Read the article

  • How can I write this query in Django? (datetime)

    - by alex
    | time_before | datetime | YES | MUL | NULL | | | time_after | datetime | YES | MUL | NULL | | the_tag = Tag.objects.get(id=tag_id) Log.objects.filter(blah).extra(where=['last_updated >'+the_tag.time_before, 'last_updated' < the_tag.time_after]) Ok. Basically, I have an object that's called "the_tag". I want to select from Log where log.last_updated (which is a datetime field) is between the tag's time. But, I don't know how to write the last part of this Django query.

    Read the article

  • What should a Django user know when moving from MySQL to PostgreSQL?

    - by tmitchell
    Most of my experience with Django thus far has been with MySQL and mysqldb. For a new app I'm writing, I'm dipping my toe in the PostgreSQL water, now that I have seen the light. While writing a data import script, I stumbled upon an issue with the default autocommit behavior. I would guess there are other "gotchas" that might crop up. What else should I be on the lookout for?

    Read the article

  • How to share memory buffer across sessions in Django?

    - by afriza
    I want to have one party (or more) sends a stream of data via HTTP request(s). Other parties will be able to receive the same stream of data in almost real-time. The data stream should be accessible across sessions (according to access control list). How can I do this in Django? If possible I would like to avoid database access and use in memory buffer (along with some synchronization mechanism)

    Read the article

  • how to count all distinct records in many-to-many relations in django ORM?

    - by marduk-pl
    hi, i have two models: class Project(models.Model): categories = models.ManyToManyField(Category) class Category(models.Model): name = models.CharField() now, i make some queryset: query = Project.objects.filter(id__in=[1,2,3,4]) and i like to get list of all distinct categories in this queryset with count of projects with refering to these categories - exactly i would like to get that results: category1 - 10 projects category2 - 5 projects that is opposite to this query: query2 = query.annotate(Count('categories')) what return me: project1 - 2categories project2 - 7categories how can i make it in django ORM?

    Read the article

  • Are there any generic shipping calculators out there for DJango?

    - by Jon Cage
    I'm in the process of settings up a website (I'm using DJango) to begin selling some toys I build and need a way of calculating shipping costs for my customers. Are there any (preferably free) shipping calculators which accept a customers address and return the cost for different delivery companies / delivery options? It would be nice if the API could indicate cost vs delivery time. We'll be shipping world-wide if that makes a difference?

    Read the article

  • How to update the filename of a Django's FileField instance ?

    - by pierre-guillaume-degans
    Hello, Here a simple django model: class SomeModel(models.Model): title = models.CharField(max_length=100) video = models.FileField(upload_to='video') I would like to save any instance so that the video's file name would be a valid file name of the title. For example, in the admin interface, I load a new instance with title "Lorem ipsum" and a video called "video.avi". The copy of the file on the server should be "Lorem Ipsum.avi" (or "Lorem_Ipsum.avi"). Thank you :)

    Read the article

  • Eclipse + Django: How to get bytecode output when python source files change?

    - by Sean Ochoa
    Whenever I change my python source files in my Django project, the .pyc files become out of date. Of course that's because I need to recompile them in order to test them through my local Apache web server. I would like to get around this manual process by employing some automatic means of compiling them on save, or on build through Eclipse, or something like that. What's the best and proper way to do this?

    Read the article

  • What's the best way to migrate a Django DB from SQLite to MySQL?

    - by Inshim
    I need to migrate my db from sqlite to mysql, and the various tools/scripts out there are too many for me to easily spot the safest and most elegant solution. This seemed to me nice http://djangosnippets.org/snippets/14/ but appears to be 3 years since getting an update which is worrying.. Can you recommend a solution that is known to be reliable with Django 1.1.1 ?

    Read the article

< Previous Page | 90 91 92 93 94 95 96 97 98 99 100 101  | Next Page >