Mercurial > kallithea
diff rhodecode/lib/middleware/https_fixup.py @ 2668:f0851f37d6be beta
Implementes #509 require SSL flag now works for both git and mercurial.
- check is done at earlies possible stage
- if detected protocol is not https and flag require is there RhodeCode will
return HTTP Error 406: Not Acceptable, before even checking credentials
- removed push_ssl flag from mercurial UI objects since that would duplicate logic
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Thu, 26 Jul 2012 23:03:26 +0200 |
parents | 8ecfed1d8f8b |
children | 63e58ef80ef1 26bf9c8baad2 |
line wrap: on
line diff
--- a/rhodecode/lib/middleware/https_fixup.py Thu Jul 26 22:22:31 2012 +0200 +++ b/rhodecode/lib/middleware/https_fixup.py Thu Jul 26 23:03:26 2012 +0200 @@ -42,21 +42,20 @@ middleware you should set this header inside your proxy ie. nginx, apache etc. """ + # DETECT PROTOCOL ! + if 'HTTP_X_URL_SCHEME' in environ: + proto = environ.get('HTTP_X_URL_SCHEME') + elif 'HTTP_X_FORWARDED_SCHEME' in environ: + proto = environ.get('HTTP_X_FORWARDED_SCHEME') + elif 'HTTP_X_FORWARDED_PROTO' in environ: + proto = environ.get('HTTP_X_FORWARDED_PROTO') + else: + proto = 'http' + org_proto = proto + # if we have force, just override if str2bool(self.config.get('force_https')): proto = 'https' - else: - if 'HTTP_X_URL_SCHEME' in environ: - proto = environ.get('HTTP_X_URL_SCHEME') - elif 'HTTP_X_FORWARDED_SCHEME' in environ: - proto = environ.get('HTTP_X_FORWARDED_SCHEME') - elif 'HTTP_X_FORWARDED_PROTO' in environ: - proto = environ.get('HTTP_X_FORWARDED_PROTO') - else: - proto = 'http' - if proto == 'https': - environ['wsgi.url_scheme'] = proto - else: - environ['wsgi.url_scheme'] = 'http' - return None + environ['wsgi.url_scheme'] = proto + environ['wsgi._org_proto'] = org_proto