search

kapt-labs / django-check-seo

Django Check SEO will check the SEO aspects of your site for you, and will provide advice in case of problems. Compatible with Django & Django-CMS!
GNU General Public License v3.0
154 stars 12 forks source link

Send DJANGO_CHECK_SEO_AUTH along with the request in case of redirect [3xx] #43

Closed rhenanbartels closed 3 years ago

rhenanbartels commented 3 years ago

Hi!

First of all, I would like to thank you for the great work! This is a very helpful package and It saved us a lot of time on enhancing the SEO of our posts.

Recently, we started using the DJANGO_CHECK_SEO_AUTH to use auth credentials along with the request. But for reasons we don't fully control, the DNS server is redirecting us to another URL.

In this scenario, because of a characteristic of the requests package, the HTTP_AUTHORATION is not sent in the redirect request (after a 3xx) and we end up with a 404 (the view wasn't able to authenticate the request).

I was wondering if the request made by django_check_seo could check for a 3xx status code and follow the new URL location with the DJANGO_CHECK_SEO_AUTH information.

Here is a simple example:

import requests

r = requests.get(
    URL, 
    auth=(
        settings.DJANGO_CHECK_SEO_AUTH["user"],
        settings.DJANGO_CHECK_SEO_AUTH["pass"],
     ),
    allow_redirects=False
)

if 300 < r.status_code < 400:
    r = requests.get(
    r.headers['location'], 
    auth=(
        settings.DJANGO_CHECK_SEO_AUTH["user"],
        settings.DJANGO_CHECK_SEO_AUTH["pass"],
     ),
)

Versions

Thank you very much, []s

corentinbettiol commented 3 years ago

Hello, thank you for the kind words and for the detailed explanation!

I think that I will add this as a setting (which will default to False, since it's relative to a CVE), and a warning in the README.