I recently changed my Django app powered by Docker over to a paid plan. After I did this on next the deploy my service started not loading in the browser with the error message saying there were to many redirects.
There are no errors in the deployment logs or the runtime logs. When running a simple GET request to https://globalfingerprints.onrender.com I see the following headers come back.
HTTP/1.1 301 Moved Permanently
Date: Tue, 24 May 2022 12:05:10 GMT
Content-Type: text/html; charset=utf-8
X-Xss-Protection: 1; mode=block
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
I seems like perhaps cloudflare is involved and perhaps doing the redirects? My app doesn’t use cloudfare so I am wondering if could be something on the render.com side.
Thanks for reaching out.
I made a request to your service bypassing Cloudflare and I still see a 301 returned by your application:
HTTP/2 301...< date: Wed, 25 May 2022 13:26:03 GMTdate: Wed, 25 May 2022 13:26:03 GMT< location: https://globalfingerprints.onrender.com/location: https://globalfingerprints.onrender.com/...< server: gunicornserver: gunicorn...
Does your code have any redirect logic? Maybe enforcing SSL? Render already enforces that. Or Maybe some auth redirect?
I seem to remember Django needing a list of ALLOWED_HOSTS too, is that configured? Although, that usually manifests as a
400 Bad Request error.
Hope that helps
Alan, Thank you that was the problem! I did indeed have an SSL redirect in my app. The only thing I cannot explain is the app was working with redirect on and then sudden stopped working. I have now taken the SSL redirect out and things are working great.
I do have the ALLOW_HOSTS configured as the docs state:
ALLOWED_HOSTS = ['app.globalfingerprints.org']
RENDER_EXTERNAL_HOSTNAME = os.environ.get('RENDER_EXTERNAL_HOSTNAME')
Glad to hear you were able to resolve your issue.
I’m not sure why that behavior would’ve changed for your service, I’m not aware of any https enforcement changes on our side.
Please let us know if we can assist any further.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.