Opened 10 years ago
Closed 6 years ago
#24336 closed Cleanup/optimization (fixed)
static server should skip for protocol-relative STATIC_URL
Reported by: | Vlada Macek | Owned by: | farrepa |
---|---|---|---|
Component: | Core (Other) | Version: | dev |
Severity: | Normal | Keywords: | |
Cc: | Triage Stage: | Ready for checkin | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
As per http://stackoverflow.com/questions/550038/is-it-valid-to-replace-http-with-in-a-script-src-http and the spread of http/https websites it appears to be legitimate to have STATIC_URL and MEDIA_URL starting with //
leading to a different domain under my control, but keeping the protocol. Hence this check
# No-op if not in debug mode or an non-local prefix if not settings.DEBUG or (prefix and '://' in prefix): return []
in django.conf.urls.static.static
will not match and does not turn off the static server as it should.
I guess ://
should at least be changed to //
.
Change History (8)
comment:1 by , 10 years ago
Needs tests: | set |
---|
comment:2 by , 10 years ago
comment:3 by , 10 years ago
It would be safer to skip URLs starting with:
http://
https://
//
The most robust solution may be to parse the URL and skip it if the host part isn't empty.
comment:4 by , 10 years ago
Easy pickings: | unset |
---|---|
Needs tests: | unset |
Triage Stage: | Unreviewed → Accepted |
Type: | Bug → Cleanup/optimization |
comment:5 by , 10 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:7 by , 6 years ago
Triage Stage: | Accepted → Ready for checkin |
---|
I experimented on a local branch of Django and changed the
://
to//
and didn't see any immediate problems. However this'll definitely need tests to verify.