Django的S3存储介质URL为https://而不是HTTP:// [英] Django storage s3 media url is https:// instead of http://
问题描述
在服务与Django的S3存储介质,正在生成媒体的URL是这样的:
<$p$p><$c$c>https://mybucket.s3.amazonaws.com/myimage.jpg?Signature=5ifoyLqzmtfVNS1ovfzVvN92RH0%3D&Expires=1363124819&AWSAccessKeyId=AKIAJ7ZTU7K4SPYKGOFA因为HTTPS的
导致图像无法显示:
您尝试访问mybucket.s3.amazonaws.com,
而是你居然达到一台服务器是标识为* .s3.amazonaws.com。
这可能是由在服务器上或通过一些更严重的问题导致。在网络上的攻击者可能正试图让您访问假冒mybucket.s3.amazonaws.com(并且可能有害)。
我所需要的图像进行任HTTP不是HTTPS
我的设置是:
DEFAULT_FILE_STORAGE ='storages.backends.s3boto.S3BotoStorage
AWS_ACCESS_KEY_ID =AKIAJ .... K4SPYKGOFA
AWS_SECRET_ACCESS_KEY =2Y7G98JoCRzAEp .... rPoCjWZuwDaQ
AWS_STORAGE_BUCKET_NAME =mybucket
我试着设置MEDIA_URL,并s3_url正常的HTTP,但它并没有改变任何东西。
我使用Django 1.5
我会尝试加入这个属性来设置:
AWS_S3_SECURE_URLS =假
它看起来并不像它的记录在Django的存储器的文档短暂的一瞥后,但关于它的这个博客谈多一点。 <一href="http://www.eliotk.net/05/30/force-http-with-django-storages-and-s3boto/">http://www.eliotk.net/05/30/force-http-with-django-storages-and-s3boto/
When serving media with django-storage s3, the media url that is being generated is something like this:
https://mybucket.s3.amazonaws.com/myimage.jpg?Signature=5ifoyLqzmtfVNS1ovfzVvN92RH0%3D&Expires=1363124819&AWSAccessKeyId=AKIAJ7ZTU7K4SPYKGOFA
Causing the images to not be displayed because of https:
You attempted to reach mybucket.s3.amazonaws.com,
but instead you actually reached a server identifying itself as *.s3.amazonaws.com.
This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of mybucket.s3.amazonaws.com.
I need the images to be served as HTTP not HTTPS
My settings are:
DEFAULT_FILE_STORAGE = 'storages.backends.s3boto.S3BotoStorage'
AWS_ACCESS_KEY_ID = "AKIAJ....K4SPYKGOFA"
AWS_SECRET_ACCESS_KEY = "2Y7G98JoCRzAEp....rPoCjWZuwDaQ"
AWS_STORAGE_BUCKET_NAME = "mybucket"
I tried set the media_url, and s3_url to normal http, but it didn't change anything.
I'm using django 1.5
I would try adding this property to your settings:
AWS_S3_SECURE_URLS = False
It doesn't look like it's documented after a brief glance at the django-storages docs, but this blog talks about it a bit more. http://www.eliotk.net/05/30/force-http-with-django-storages-and-s3boto/
这篇关于Django的S3存储介质URL为https://而不是HTTP://的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!