Django的S3存储介质UR​​L为https：//而不是HTTP：// [英] Django storage s3 media url is https:// instead of http://

问题描述

在服务与Django的S3存储介质，正在生成媒体的URL是这样的：

<$p$p><$c$c>https://mybucket.s3.amazonaws.com/myimage.jpg?Signature=5ifoyLqzmtfVNS1ovfzVvN92RH0%3D&Expires=1363124819&AWSAccessKeyId=AKIAJ7ZTU7K4SPYKGOFA

因为HTTPS的

导致图像无法显示：

 您尝试访问mybucket.s3.amazonaws.com，
 而是你居然达到一台服务器是标识为* .s3.amazonaws.com。
 这可能是由在服务器上或通过一些更严重的问题导致。在网络上的攻击者可能正试图让您访问假冒mybucket.s3.amazonaws.com（并且可能有害）。
 

我所需要的图像进行任HTTP不是HTTPS

我的设置是：

  DEFAULT_FILE_STORAG​​E ='storages.backends.s3boto.S3BotoStorage
AWS_ACCESS_KEY_ID =AKIAJ .... K4SPYKGOFA
AWS_SECRET_ACCESS_KEY =2Y7G98JoCRzAEp .... rPoCjWZuwDaQ
AWS_STORAG​​E_BUCKET_NAME =mybucket
 

我试着设置MEDIA_URL，并s3_url正常的HTTP，但它并没有改变任何东西。

我使用Django 1.5

解决方案

我会尝试加入这个属性来设置：

  AWS_S3_SECURE_URLS =假
 

它看起来并不像它的记录在Django的存储器的文档短暂的一瞥后，但关于它的这个博客谈多一点。 <一href="http://www.eliotk.net/05/30/force-http-with-django-storages-and-s3boto/">http://www.eliotk.net/05/30/force-http-with-django-storages-and-s3boto/

When serving media with django-storage s3, the media url that is being generated is something like this:

https://mybucket.s3.amazonaws.com/myimage.jpg?Signature=5ifoyLqzmtfVNS1ovfzVvN92RH0%3D&Expires=1363124819&AWSAccessKeyId=AKIAJ7ZTU7K4SPYKGOFA

Causing the images to not be displayed because of https:

    You attempted to reach mybucket.s3.amazonaws.com,
 but instead you actually reached a server identifying itself as *.s3.amazonaws.com.
 This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of mybucket.s3.amazonaws.com.

I need the images to be served as HTTP not HTTPS

My settings are:

DEFAULT_FILE_STORAGE = 'storages.backends.s3boto.S3BotoStorage'
AWS_ACCESS_KEY_ID = "AKIAJ....K4SPYKGOFA"
AWS_SECRET_ACCESS_KEY = "2Y7G98JoCRzAEp....rPoCjWZuwDaQ"
AWS_STORAGE_BUCKET_NAME = "mybucket"

I tried set the media_url, and s3_url to normal http, but it didn't change anything.

I'm using django 1.5

解决方案

I would try adding this property to your settings:

AWS_S3_SECURE_URLS = False

It doesn't look like it's documented after a brief glance at the django-storages docs, but this blog talks about it a bit more. http://www.eliotk.net/05/30/force-http-with-django-storages-and-s3boto/

这篇关于Django的S3存储介质UR​​L为https：//而不是HTTP：//的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！