Django: 400 bad request syntax - what does this message mean?
I am using django to build a simple website. When you type the base address (which for now is 127.0.0.1:8000/
), I use django to show a view which does some checks and redirects you based on your user privileges. (If you have admin privileges, you go to /admin
, if you don't you go to /home
, and if you aren't logged in you go to /login
.)
When I make that HTTP request, I get redirected as I should but I also see the following two errors in my django log:
- code 400, message Bad request syntax
('\x16\x03\x01\x00\x95\x01\x00\x00\x91\x03\x01N\xaa\x9c\x08\x96\x7f\x92\xe9Z\x925\xcaY4\xa6\xa5\xab\xf2\x16\xfaT\x89\xe7\x8a\xc3\x99J)6\xfb\xc44\x00\x00H\xc0')
"??N????Z?5?Y4?????T??ÙJ)6??4H?" 400 -
I translated the hex in the first one to be (spaces added for legibility): SYN ETX NUL NUL U SOH NUL NUL Q ETX NUL N 170 156 X r 246 STX 141 214 ? 143 EOT FS j 142 223 s 241 220 < 185 \ \ m 242 &
I can certainly see why the server wouldn't like that as a request, but I have no idea where it's coming from.
Any ideas?
Thanks very much.
==============
Here is the code for the view:
def index(request):
user = request.user
admin_courses = []
if (user.is_authenticated()):
u_id = user.getUserId()
my_enrollment = Enrollment.objects.filter(user_id=u_id)
admin_enrollment = my_enrollment.filter(type="ADMIN")
for enr in admin_enrollment:
course = Course.objects.get(id=enr.getCourseId())
admin_courses.append(course)
if (len(admin_courses)>0):
return HttpResponseRedirect('/admin')
else:
return HttpResponseRedirect('/home')
return HttpResponseRedirect('/login')
Solution 1:
To address your actual question, this occurs if you're trying to access the django server over https. Switch back to http and that error will disappear.
Solution 2:
I get this kind of error when I run:
manage.py runserver ...
instead of:
manage.py runfcgi ...
because I'm behind Nginx.
When you use runserver, it is listening for standard http web requests. When you use runfcgi, it is listening for a different type of request, using fastcgi protocol instead of plain http.
Solution 3:
You could refactor this maintenance middleware to achieve the result, because it checks the user status BEFORE processing content requests, which seems more djangonostic..
import settings
from django.http import HttpResponseRedirect
class MaintenanceModeMiddleware(object):
"""
Maintenance mode for django
If an anonymous user requests a page, he/she is redirected to the
maintenance page.
"""
def process_request(self, request):
is_login = request.path in (
settings.LOGIN_REDIRECT_URL,
settings.LOGIN_URL,
settings.LOGOUT_URL,
settings.MAINTENANCE_PATH,
)
if (not is_login) and settings.MAINTENANCE and (not request.user.is_authenticated()):
return HttpResponseRedirect(settings.MAINTENANCE_PATH)
return None