我有兴趣在我的整个python django项目上强加https。我找到了this解决方案,看起来很有希望。我将这些更改等同于我的settings.py
SECURE_SSL_REDIRECT = True
SECURE_HSTS_SECONDS = 60
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_FRAME_DENY = True
SECURE_CONTENT_TYPE_NOSNIFF = True
SECURE_BROWSER_XSS_FILTER = True
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_HTTPONLY = True
和
MIDDLEWARE_CLASSES = (
# This middleware is for ensuring that all pages use https
'djangosecure.middleware.SecurityMiddleware',
...
和
INSTALLED_APPS = (
# for https
'djangosecure',
...
当我运行python manage.py checksecure时,我得到的消息是All clear!,但是,当我部署到Google应用引擎时,我收到此错误:
File "/base/data/home/runtimes/python27/python27_lib/versions/third_party/django- 1.5/django/core/handlers/base.py", line 51, in load_middleware
raise exceptions.ImproperlyConfigured('Error importing middleware %s: "%s"' % (mw_module, e))
ImproperlyConfigured: Error importing middleware django-secure- 1.0.1.djangosecure.middleware: "No module named django-secure- 1.0.1.djangosecure.middleware"
我做错了什么?
答案 0 :(得分:1)
没有名为' django-secure'安装在Google App引擎环境中。您需要在Google App引擎中为您的应用程序提供此模块。
Here is a question and answer which gives instructions on how to do this