41
I think you should create different settings.py ( base_settings.py, local_settings.py, production_settings.py). And in your settings.py do something like this:
import socket
if socket.gethostname()=="Raouf-PC":
from local_settings import *
Change βRaouf-PCβ to the hostname of your PC.
P:S: Iβm using Windows 10.
After doing that place the below data in your production_settings.py and save. Then clear your browser cache and visit your site in development server.
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_SSL_REDIRECT = True
If the above doesnβt suit your needs, then in your local_settings.py paste the below data, save and clear your browser cache and visit your site.
SESSION_COOKIE_SECURE = False
CSRF_COOKIE_SECURE = False
SECURE_SSL_REDIRECT = False
Note: at the beginning of production_setttings.py and local_settings.py put:
from base_settings.py import *
Your base settings should contain βsettingsβ that will be used both on local and production server so you wonβt be repeating it everytime.
P:S If my answer is accepted, I dedicate it to the good people on SO who have helped me in one way or the other. This is my first time of answering a question. I hope to do more in the future. 
22
You probably have the setting SECURE_SSL_REDIRECT set to True
This setting should be False when running the development server
- [Django]-Django Rest Framework β Authentication credentials were not provided
- [Django]-How can I serialize a queryset from an unrelated model as a nested serializer?
- [Django]-Expire a view-cache in Django?
17
Instead of using the command
python manage.py runserver
I used
python manage.py runserver 8080
Just by changing the port number, it is working for me.
- [Django]-Whats the difference between using {{STATIC_URL}} and {% static %}
- [Django]-How to create password input field in django
- [Django]-How to validate an Email address in Django?
8
CORS_REPLACE_HTTPS_REFERER = False
HOST_SCHEME = "http://"
SECURE_PROXY_SSL_HEADER = None
SECURE_SSL_REDIRECT = False
SESSION_COOKIE_SECURE = False
CSRF_COOKIE_SECURE = False
SECURE_HSTS_SECONDS = None
SECURE_HSTS_INCLUDE_SUBDOMAINS = False
SECURE_FRAME_DENY = False
1. Put this settings at the end of your settings.py
2. Clear your browser cache and then run your project.
- [Django]-Unable log in to the django admin page with a valid username and password
- [Django]-Django Cannot set values on a ManyToManyField which specifies an intermediary model. Use Manager instead
- [Django]-How to create an object for a Django model with a many to many field?
3
If you are part of a team, you can use a variable to set the development environment. I use DJANGO_DEV=development
for e.g., on the computer that will be used for development, you add this to your ~/.bashrc file:
export DJANGO_DEV=true
or you can use django-environ
After that you can check, if current environment is a DEV env and set the specific values.
import os
if os.environ.get('DJANGO_ENV') is not None:
SECURE_SSL_REDIRECT = False
SESSION_COOKIE_SECURE = False
CSRF_COOKIE_SECURE = False
else:
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
SECURE_SSL_REDIRECT = True
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
If there are multiple settings, that you can go and define specific files as described in @yoyoβs answer.
- [Django]-Pulling data to the template from an external database with django
- [Django]-Django post_save() signal implementation
- [Django]-Django 1.7 throws django.core.exceptions.AppRegistryNotReady: Models aren't loaded yet
1
Simply change the path in your .env file to http://localhost:8000/
It worked for me. Iβm using the Django backend and React frontend with the Django rest framework.
- [Django]-Difference between auto_now and auto_now_add
- [Django]-Differences between STATICFILES_DIR, STATIC_ROOT and MEDIA_ROOT
- [Django]-Django: Redirect to previous page after login
1
Nothing above helped me so digged in setting.py and
changed this to ACCOUNT_DEFAULT_HTTP_PROTOCOL = "https"
this ACCOUNT_DEFAULT_HTTP_PROTOCOL = "http"
it fixed the problem for me hope it helps
- [Django]-What is the right way to validate if an object exists in a django view without returning 404?
- [Django]-Error: could not determine PostgreSQL version from '10.3' β Django on Heroku
- [Django]-Django: guidelines for speeding up template rendering performance
1
Additionally to settings.py setup with SECURE_SSL_REDIRECT=False for development.
To fix the https redirecting for localhost:
- Go to https://127.0.0.1:8000
- Open developer mode in your browser
- Disable cache on the Network tab
- Update the page with http://127.0.0.1:8000
- Enable cache
Or try Empty Cache and Hard Reload by right-clicking on the update icon in development mode in browser.
To open dev mode in Chrome use: Option + β + J (on macOS), or Shift + CTRL + J (on Windows/Linux)
- [Django]-Where to store secret keys DJANGO
- [Django]-Django filter JSONField list of dicts
- [Django]-How to refer to static files in my css files?
1
I know this question is old and already solved, but here it is for anyone who has a problem (as was my case today):
In my case, I followed (partially) as Huy Than proposed, after having changed SECURE_SSL_REDIRECT, CSRF_COOKIE_SECURE and SESSION_COOKIE_SECURE to False, I only cleared the cache, restarted the IDE and the browser.
I corrected the error and was able to access my website.
- [Django]-Django Rest Framework β Could not resolve URL for hyperlinked relationship using view name "user-detail"
- [Django]-Django order_by query set, ascending and descending
- [Django]-Django's Double Underscore
0
I also recommend to be sure that you are not trying access page by some port. For example by running Django server on PyCharm with some port.
- [Django]-How to set another Inline title in Django Admin?
- [Django]-Django: using <select multiple> and POST
- [Django]-How do I convert datetime.timedelta to minutes, hours in Python?
0
its clearly telling that you are accessing development server over https, but it only supports http.
usually we access development server like http://127.0.0.1:8000 but in your case its https://127.0.0.1:8000 as itβs mentioned we cannot access development server over https.
I have gone through the same problem, but in my case when I was sending the email verification to gmail account, I was sending endpoint as https://127.0.0.1:8000/verify. https was used instead of http, so I corrected it to http then it worked fine.
- [Django]-">", "<", ">=" and "<=" don't work with "filter()" in Django
- [Django]-What is the clean way to unittest FileField in django?
- [Django]-How to see which tests were run during Django's manage.py test command
0
-
Insert the below configs at the end of your settings.py file or completely comment them out(if you already had)
SECURE_CONTENT_TYPE_NOSNIFF = False
SECURE_BROWSER_XSS_FILTER = False
SECURE_SSL_REDIRECT = False
SESSION_COOKIE_SECURE = False
CSRF_COOKIE_SECURE = False
X_FRAME_OPTIONS = βDENYβ
then-,
2. Clear your browser cache and then re-run your project.
- [Django]-Django Rest Framework β Authentication credentials were not provided
- [Django]-How to override and extend basic Django admin templates?
- [Django]-Is there a HAML implementation for use with Python and Django
0
Check the Djangoβs site URL. It may have https.
Disable following variables in settings.py or .env
SECURE_CONTENT_TYPE_NOSNIFF = True
SECURE_BROWSER_XSS_FILTER = True
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_SSL_REDIRECT = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
CSRF_TRUSTED_ORIGINS = ['yoursite.com']
Set DEBUG as True
DEBUG = True
Clear the Django siteβs(what you developed) cookies and sessions on the browser. For Google Chrome, steps are below.
Settings-> Privacy and Security -> Cookies and other site data -> See all cookies and site data -> Search your site name or IP and click βTrashβ icon.
Close the browser and reload the site now.
- [Django]-ReactJS with Django β real usage
- [Django]-Django aggregate or annotate
- [Django]-Page not found 404 Django media files