Aron Ahmadia

Note, I've already pulled out `BasicAuthentication` from the REST configuration, (using Session Authentication): ``` REST_FRAMEWORK = { 'DEFAULT_AUTHENTICATION_CLASSES': ( 'rest_framework.authentication.SessionAuthentication', ), 'DEFAULT_PERMISSION_CLASSES': ( 'rest_framework.permissions.AllowAny', ), 'DEFAULT_FILTER_BACKENDS': ('rest_framework.filters.DjangoFilterBackend',) } ``` Other...

@brittainhard - workaround is to ensure you've got trailing slashes on Django REST endpoints: See https://github.com/jashkenas/backbone/issues/848 for more details.

Please land the following patch when you get a chance: ``` diff --git a/source/base/static/base/js/backbone/trails_backbone.js b/source/base/static/base/js/backbone/trails_backbone.js index 0d98dd7..867024a 100644 --- a/source/base/static/base/js/backbone/trails_backbone.js +++ b/source/base/static/base/js/backbone/trails_backbone.js @@ -5,7 +5,7 @@ exports.Trail = Backbone.Model.extend({ -...

This is fixed in production, but not in our repository.

Found another one: ``` explorer.continuum.io/:1 Mixed Content: The page at 'https://explorer.continuum.io/seeds/datawake_import/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://explorer.continuum.io/api/seeds_list/1/'. This request has been blocked; the content must...

I've backed it out this far: source/base/templates/base/edit_seeds.html ``` ``` source/base/static/base/js/backbone/edit_seeds_backbone.js ``` el: "#seeds", form: "#editSeedsForm", invalidLines: [], template: _.template($("#editSeedsTemplate").html()), initialize: function(model){ this.model = model; var that = this; this.model.set({id: $("#seeds_pk").val()}).fetch({...

https://stackoverflow.com/questions/10555962/enable-django-and-tastypie-support-for-trailing-slashes

https://stackoverflow.com/questions/9097404/django-is-redirecting-from-https-to-http

Rubber-duckied my way out of this one. If I understand what's going on correctly: Backbone composes an incorrect request for a given seeds list using a very slightly incorrect URL:...

So the patches are to nginx and settings. I think this frees us from having to worry about trailing slashes so long as Django redirects to the correct resource.