You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In Django 1.10, when using django_setup(set_prefix=True) and FORCED_SCRIPT_PREFIX, public named URLs do not work and login URLs lead to infinite redirects.
Stronghold during load time is reverse()ing all the URLs from STRONGHOLD_PUBLIC_NAMED_URLS and storing them as public URLs. Then, in the middleware it compares them with request.path_info to determine if the current URL being requested is a public URL.
With Django 1.10, a new parameter to django.setup() was introduced to make FORCE_SCRIPT_PREFIX applicable outside the requests. So, when reverse() is called outside a request such during the loading of the stronghold conf.py, now, it takes into account FORCE_SCRIPT_PREFIX. Also, request.path_info means path without the script prefix. So, the reversed URLs contain script prefix and the compared value request.path_info does not have script prefix. So, they never match and are not treated as public URLs.
The text was updated successfully, but these errors were encountered:
In Django 1.10, when using
django_setup(set_prefix=True)andFORCED_SCRIPT_PREFIX, public named URLs do not work and login URLs lead to infinite redirects.Stronghold during load time is
reverse()ing all the URLs fromSTRONGHOLD_PUBLIC_NAMED_URLSand storing them as public URLs. Then, in the middleware it compares them withrequest.path_infoto determine if the current URL being requested is a public URL.With Django 1.10, a new parameter to
django.setup()was introduced to makeFORCE_SCRIPT_PREFIXapplicable outside the requests. So, whenreverse()is called outside a request such during the loading of the stronghold conf.py, now, it takes into accountFORCE_SCRIPT_PREFIX. Also,request.path_infomeans path without the script prefix. So, the reversed URLs contain script prefix and the compared valuerequest.path_infodoes not have script prefix. So, they never match and are not treated as public URLs.The text was updated successfully, but these errors were encountered: