Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Django storage s3 media url is https:// instead of http://

Tags:

django

amazon-s3

django-storage

When serving media with django-storage s3, the media url that is being generated is something like this:

https://mybucket.s3.amazonaws.com/myimage.jpg?Signature=5ifoyLqzmtfVNS1ovfzVvN92RH0%3D&Expires=1363124819&AWSAccessKeyId=AKIAJ7ZTU7K4SPYKGOFA

Causing the images to not be displayed because of https:

    You attempted to reach mybucket.s3.amazonaws.com,
 but instead you actually reached a server identifying itself as *.s3.amazonaws.com.
 This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of mybucket.s3.amazonaws.com.

I need the images to be served as HTTP not HTTPS

My settings are:

DEFAULT_FILE_STORAGE = 'storages.backends.s3boto.S3BotoStorage'
AWS_ACCESS_KEY_ID = "AKIAJ....K4SPYKGOFA"
AWS_SECRET_ACCESS_KEY = "2Y7G98JoCRzAEp....rPoCjWZuwDaQ"
AWS_STORAGE_BUCKET_NAME = "mybucket"

I tried set the media_url, and s3_url to normal http, but it didn't change anything.

I'm using django 1.5

like image 275
YardenST Avatar asked Mar 12 '13 21:03

YardenST

2 Answers

You could probably solve this with a single AWS_S3_SECURE_URLS = False. However these settings are in flux as of the current version 1.1.6 so here's a bit more detail on related settings:

AWS_S3_SECURE_URLS = False
AWS_S3_URL_PROTOCOL = 'http'
AWS_STORAGE_BUCKET_NAME = 'mybucket'
AWS_S3_CUSTOM_DOMAIN = '%s.s3.amazonaws.com' % AWS_STORAGE_BUCKET_NAME

AWS_S3_URL_PROTOCOL is the new way and if set to an empty string allows protocol relative URLs. For backwards compatibility you still need AWS_S3_SECURE_URLS. And at the moment AWS_S3_CUSTOM_DOMAIN is necessary if you are using AWS_S3_URL_PROTOCOL. Here's some developer discussion on implementing protocol relative URLs with the S3Boto backend.

It's also worth noting Django-storages provides an S3 backend as well as a different S3Boto backend. Your question doesn't make the one you are using clear though your code does.

like image 128
JCotton Avatar answered Nov 04 '22 05:11

JCotton

I would try adding this property to your settings:

AWS_S3_SECURE_URLS = False

It doesn't look like it's documented after a brief glance at the django-storages docs, but this blog talks about it a bit more. http://www.eliotk.net/05/30/force-http-with-django-storages-and-s3boto/

like image 40
Eric Ressler Avatar answered Nov 04 '22 05:11

Eric Ressler
Sign in to Comment

Related questions

How does a Django UUIDField generate a UUID in Postgresql?
ValueError: too many values to unpack (expected 2) in Django
Django queryset order_by dates near today
django-admin: How to redirect to another URL after Object save? [duplicate]
Django registration of tag library not working
Widget tweaks error ModuleNotFoundError: No module named 'widget_tweaks' with Django forms
Cannot connect to localhost API from Android app
Docker Alpine: Error loading MySQLdb module
return database_name == ':memory:' or 'mode=memory' in database_name TypeError: argument of type 'WindowsPath' is not iterable
Django ModelForm fails validation with no errors
Get daily counts of objects from Django
Redirecting django manage.py output (in windows) to a text file
how to open url in new tab from django?
Python: if more than one of three things is true, return false
Django and models with multiple foreign keys
How can i customize the html output of a widget in Django?
How to use can_add_related in Django Admin
django model validation not working
Get list of occurrences + count in a model Django?
django-registration: how do I check whether the user is logged in before displaying a page

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!