Mercurial > kallithea
annotate rhodecode/lib/middleware/https_fixup.py @ 2668:f0851f37d6be beta
Implementes #509 require SSL flag now works for both git and mercurial.
- check is done at earlies possible stage
- if detected protocol is not https and flag require is there RhodeCode will
return HTTP Error 406: Not Acceptable, before even checking credentials
- removed push_ssl flag from mercurial UI objects since that would duplicate logic
| author | Marcin Kuzminski <marcin@python-works.com> |
|---|---|
| date | Thu, 26 Jul 2012 23:03:26 +0200 |
| parents | 8ecfed1d8f8b |
| children | 63e58ef80ef1 26bf9c8baad2 |
| rev | line source |
|---|---|
|
903
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
1 # -*- coding: utf-8 -*- |
|
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
2 """ |
|
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
3 rhodecode.lib.middleware.https_fixup |
|
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
5 |
|
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
6 middleware to handle https correctly |
|
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
914
diff
changeset
|
7 |
|
903
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
8 :created_on: May 23, 2010 |
|
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
9 :author: marcink |
|
1824
89efedac4e6c
2012 copyrights
Marcin Kuzminski <marcin@python-works.com>
parents:
1275
diff
changeset
|
10 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> |
|
903
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
11 :license: GPLv3, see COPYING for more details. |
|
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
12 """ |
|
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
13 # This program is free software: you can redistribute it and/or modify |
|
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
14 # it under the terms of the GNU General Public License as published by |
|
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
15 # the Free Software Foundation, either version 3 of the License, or |
|
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
16 # (at your option) any later version. |
|
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
914
diff
changeset
|
17 # |
|
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
204
diff
changeset
|
18 # This program is distributed in the hope that it will be useful, |
|
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
204
diff
changeset
|
19 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
204
diff
changeset
|
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
204
diff
changeset
|
21 # GNU General Public License for more details. |
|
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
914
diff
changeset
|
22 # |
|
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
204
diff
changeset
|
23 # You should have received a copy of the GNU General Public License |
|
1206
a671db5bdd58
fixed license issue #149
Marcin Kuzminski <marcin@python-works.com>
parents:
1203
diff
changeset
|
24 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
252
3782a6d698af
licensing updates, code cleanups
Marcin Kuzminski <marcin@python-works.com>
parents:
204
diff
changeset
|
25 |
| 2109 | 26 from rhodecode.lib.utils2 import str2bool |
|
914
110a00c181de
Added force https option into config files
Marcin Kuzminski <marcin@python-works.com>
parents:
903
diff
changeset
|
27 |
|
1275
2723276285ae
pep8ify middlewares
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
28 |
|
204
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
29 class HttpsFixup(object): |
|
1275
2723276285ae
pep8ify middlewares
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
30 |
|
914
110a00c181de
Added force https option into config files
Marcin Kuzminski <marcin@python-works.com>
parents:
903
diff
changeset
|
31 def __init__(self, app, config): |
|
204
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
32 self.application = app |
|
914
110a00c181de
Added force https option into config files
Marcin Kuzminski <marcin@python-works.com>
parents:
903
diff
changeset
|
33 self.config = config |
|
903
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
34 |
|
204
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
35 def __call__(self, environ, start_response): |
|
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
36 self.__fixup(environ) |
|
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
37 return self.application(environ, start_response) |
|
903
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
38 |
|
204
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
39 def __fixup(self, environ): |
|
1275
2723276285ae
pep8ify middlewares
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
40 """ |
|
2723276285ae
pep8ify middlewares
Marcin Kuzminski <marcin@python-works.com>
parents:
1206
diff
changeset
|
41 Function to fixup the environ as needed. In order to use this |
|
1203
6832ef664673
source code cleanup: remove trailing white space, normalize file endings
Marcin Kuzminski <marcin@python-works.com>
parents:
914
diff
changeset
|
42 middleware you should set this header inside your |
|
204
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
43 proxy ie. nginx, apache etc. |
|
a8ea3ce3cdc4
Created middleware package. Crated special middleware to handle https requests redirections.
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
44 """ |
|
2668
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
45 # DETECT PROTOCOL ! |
|
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
46 if 'HTTP_X_URL_SCHEME' in environ: |
|
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
47 proto = environ.get('HTTP_X_URL_SCHEME') |
|
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
48 elif 'HTTP_X_FORWARDED_SCHEME' in environ: |
|
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
49 proto = environ.get('HTTP_X_FORWARDED_SCHEME') |
|
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
50 elif 'HTTP_X_FORWARDED_PROTO' in environ: |
|
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
51 proto = environ.get('HTTP_X_FORWARDED_PROTO') |
|
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
52 else: |
|
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
53 proto = 'http' |
|
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
54 org_proto = proto |
|
903
04c9bb9ca6d6
code docs, updates
Marcin Kuzminski <marcin@python-works.com>
parents:
902
diff
changeset
|
55 |
|
2668
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
56 # if we have force, just override |
|
914
110a00c181de
Added force https option into config files
Marcin Kuzminski <marcin@python-works.com>
parents:
903
diff
changeset
|
57 if str2bool(self.config.get('force_https')): |
|
110a00c181de
Added force https option into config files
Marcin Kuzminski <marcin@python-works.com>
parents:
903
diff
changeset
|
58 proto = 'https' |
|
2054
787f1d157984
extended https fixup middleware.
Marcin Kuzminski <marcin@python-works.com>
parents:
1824
diff
changeset
|
59 |
|
2668
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
60 environ['wsgi.url_scheme'] = proto |
|
f0851f37d6be
Implementes #509 require SSL flag now works for both git and mercurial.
Marcin Kuzminski <marcin@python-works.com>
parents:
2109
diff
changeset
|
61 environ['wsgi._org_proto'] = org_proto |