diff options
Diffstat (limited to 'lib/ssl')
-rw-r--r-- | lib/ssl/__init__.py | 0 | ||||
-rw-r--r-- | lib/ssl/middleware.py | 41 |
2 files changed, 41 insertions, 0 deletions
diff --git a/lib/ssl/__init__.py b/lib/ssl/__init__.py new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/lib/ssl/__init__.py diff --git a/lib/ssl/middleware.py b/lib/ssl/middleware.py new file mode 100644 index 0000000..11e1076 --- /dev/null +++ b/lib/ssl/middleware.py @@ -0,0 +1,41 @@ +__license__ = "Python"
+__copyright__ = "Copyright (C) 2007, Stephen Zabel"
+__author__ = "Stephen Zabel - sjzabel@gmail.com"
+__contributors__ = "Jay Parlar - parlar@gmail.com"
+
+from django.conf import settings
+from django.http import HttpResponseRedirect, HttpResponsePermanentRedirect, get_host
+
+SSL = 'SSL'
+
+class SSLRedirect:
+
+ def process_view(self, request, view_func, view_args, view_kwargs):
+ if SSL in view_kwargs:
+ secure = view_kwargs[SSL]
+ del view_kwargs[SSL]
+ else:
+ secure = False
+
+ if not secure == self._is_secure(request):
+ return self._redirect(request, secure)
+
+ def _is_secure(self, request):
+ if request.is_secure():
+ return True
+
+ #Handle the Webfaction case until this gets resolved in the request.is_secure()
+ if 'HTTP_X_FORWARDED_SSL' in request.META:
+ return request.META['HTTP_X_FORWARDED_SSL'] == 'on'
+
+ return False
+
+ def _redirect(self, request, secure):
+ protocol = secure and "https" or "http"
+ newurl = "%s://%s%s" % (protocol,get_host(request),request.get_full_path())
+ if settings.DEBUG and request.method == 'POST':
+ raise RuntimeError, \
+ """Django can't perform a SSL redirect while maintaining POST data.
+ Please structure your views so that redirects only occur during GETs."""
+
+ return HttpResponsePermanentRedirect(newurl)
\ No newline at end of file |