Mercurial > kallithea
annotate rhodecode/lib/middleware/https_fixup.py @ 3832:07f8039ef090 beta
Use repo-scann at latest possible state.
- we can ensure every config/checks were made before that step
- it should fix issues with custom GIT paths
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Thu, 09 May 2013 14:52:05 +0200 |
parents | 4ed55c851d1c |
children | 5293d4bbb1ea |
rev | line source |
---|---|
903
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
1 # -*- coding: utf-8 -*- |
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
2 """ |
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
3 rhodecode.lib.middleware.https_fixup |
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
5 |
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
6 middleware to handle https correctly |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
914
diff
changeset
|
7 |
903
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
8 :created_on: May 23, 2010 |
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
9 :author: marcink |
1824
89efedac4e6c
2012 copyrights
Marcin Kuzminski <marcin@python-works.com>
parents:
1275
diff
changeset
|
10 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> |
903
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
11 :license: GPLv3, see COPYING for more details. |
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
12 """ |
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
13 # This program is free software: you can redistribute it and/or modify |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
14 # it under the terms of the GNU General Public License as published by |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
15 # the Free Software Foundation, either version 3 of the License, or |
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
16 # (at your option) any later version. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
914
diff
changeset
|
17 # |
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
204
diff
changeset
|
18 # This program is distributed in the hope that it will be useful, |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
204
diff
changeset
|
19 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
204
diff
changeset
|
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
204
diff
changeset
|
21 # GNU General Public License for more details. |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
914
diff
changeset
|
22 # |
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
204
diff
changeset
|
23 # You should have received a copy of the GNU General Public License |
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
24 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
204
diff
changeset
|
25 |
2109 | 26 from rhodecode.lib.utils2 import str2bool |
914
110a00c181de
Added force https option into config files
Marcin Kuzminski <marcin@python-works.com>
parents:
903
diff
changeset
|
27 |
1275
2723276285ae
pep8ify middlewares
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
28 |
204
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
29 class HttpsFixup(object): |
1275
2723276285ae
pep8ify middlewares
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
30 |
914
110a00c181de
Added force https option into config files
Marcin Kuzminski <marcin@python-works.com>
parents:
903
diff
changeset
|
31 def __init__(self, app, config): |
204
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
32 self.application = app |
914
110a00c181de
Added force https option into config files
Marcin Kuzminski <marcin@python-works.com>
parents:
903
diff
changeset
|
33 self.config = config |
903
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
34 |
204
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
35 def __call__(self, environ, start_response): |
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
36 self.__fixup(environ) |
3359
c394a564ab71
make the htsts headers optional and stored in .ini file.
Marcin Kuzminski <marcin@python-works.com>
parents:
3238
diff
changeset
|
37 debug = str2bool(self.config.get('debug')) |
3795
4ed55c851d1c
fix broken handling of adding an htsts.
Marcin Kuzminski <marcin@python-works.com>
parents:
3359
diff
changeset
|
38 is_ssl = environ['wsgi.url_scheme'] == 'https' |
3359
c394a564ab71
make the htsts headers optional and stored in .ini file.
Marcin Kuzminski <marcin@python-works.com>
parents:
3238
diff
changeset
|
39 |
3795
4ed55c851d1c
fix broken handling of adding an htsts.
Marcin Kuzminski <marcin@python-works.com>
parents:
3359
diff
changeset
|
40 def custom_start_response(status, headers, exc_info=None): |
4ed55c851d1c
fix broken handling of adding an htsts.
Marcin Kuzminski <marcin@python-works.com>
parents:
3359
diff
changeset
|
41 if is_ssl and str2bool(self.config.get('use_htsts')) and not debug: |
4ed55c851d1c
fix broken handling of adding an htsts.
Marcin Kuzminski <marcin@python-works.com>
parents:
3359
diff
changeset
|
42 headers.append(('Strict-Transport-Security', |
4ed55c851d1c
fix broken handling of adding an htsts.
Marcin Kuzminski <marcin@python-works.com>
parents:
3359
diff
changeset
|
43 'max-age=8640000; includeSubDomains')) |
4ed55c851d1c
fix broken handling of adding an htsts.
Marcin Kuzminski <marcin@python-works.com>
parents:
3359
diff
changeset
|
44 return start_response(status, headers, exc_info) |
4ed55c851d1c
fix broken handling of adding an htsts.
Marcin Kuzminski <marcin@python-works.com>
parents:
3359
diff
changeset
|
45 |
4ed55c851d1c
fix broken handling of adding an htsts.
Marcin Kuzminski <marcin@python-works.com>
parents:
3359
diff
changeset
|
46 return self.application(environ, custom_start_response) |
903
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
47 |
204
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
48 def __fixup(self, environ): |
1275
2723276285ae
pep8ify middlewares
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
49 """ |
2723276285ae
pep8ify middlewares
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
50 Function to fixup the environ as needed. In order to use this |
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
914
diff
changeset
|
51 middleware you should set this header inside your |
204
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
52 proxy ie. nginx, apache etc. |
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
53 """ |
2668
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
54 # DETECT PROTOCOL ! |
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
55 if 'HTTP_X_URL_SCHEME' in environ: |
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
56 proto = environ.get('HTTP_X_URL_SCHEME') |
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
57 elif 'HTTP_X_FORWARDED_SCHEME' in environ: |
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
58 proto = environ.get('HTTP_X_FORWARDED_SCHEME') |
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
59 elif 'HTTP_X_FORWARDED_PROTO' in environ: |
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
60 proto = environ.get('HTTP_X_FORWARDED_PROTO') |
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
61 else: |
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
62 proto = 'http' |
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
63 org_proto = proto |
903
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
64 |
2668
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
65 # if we have force, just override |
914
110a00c181de
Added force https option into config files
Marcin Kuzminski <marcin@python-works.com>
parents:
903
diff
changeset
|
66 if str2bool(self.config.get('force_https')): |
110a00c181de
Added force https option into config files
Marcin Kuzminski <marcin@python-works.com>
parents:
903
diff
changeset
|
67 proto = 'https' |
2054
787f1d157984
extended https fixup middleware.
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
68 |
2668
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
69 environ['wsgi.url_scheme'] = proto |
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
70 environ['wsgi._org_proto'] = org_proto |