innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Fixed #2092: added a "is_secure()" method to HttpRequest which correctly handles the subtleties of mod_python's interaction with os.environ. This one's been bugging me for about a *year*, so many many thanks to k.shaposhnikov@gmail.com for figuring it out, and Tim Shaffer for pointing out this ticket. 

git-svn-id: http://code.djangoproject.com/svn/django/trunk@3410 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Jacob Kaplan-Moss 2006-07-21 16:20:22 +00:00
parent 8bdd19beea
commit e9a236d86c
7 changed files with 29 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
django/contrib/admin/views/doc.py
View File

@ -28,7 +28,7 @@ def bookmarklets(request):
# Hack! This couples this view to the URL it lives at. # Hack! This couples this view to the URL it lives at.
admin_root = request.path[:-len('doc/bookmarklets/')] admin_root = request.path[:-len('doc/bookmarklets/')]
return render_to_response('admin_doc/bookmarklets.html', { return render_to_response('admin_doc/bookmarklets.html', {
'admin_url': "%s://%s%s" % (os.environ.get('HTTPS') == 'on' and 'https' or 'http', get_host(request), admin_root), 'admin_url': "%s://%s%s" % (request.is_secure() and 'https' or 'http', get_host(request), admin_root),
}, context_instance=RequestContext(request)) }, context_instance=RequestContext(request))
bookmarklets = staff_member_required(bookmarklets) bookmarklets = staff_member_required(bookmarklets)

3
django/core/handlers/modpython.py
View File

@ -23,6 +23,9 @@ class ModPythonRequest(http.HttpRequest):
def get_full_path(self): def get_full_path(self):
return '%s%s' % (self.path, self._req.args and ('?' + self._req.args) or '') return '%s%s' % (self.path, self._req.args and ('?' + self._req.args) or '')
def is_secure(self):
return self._req.subprocess_env.has_key('HTTPS') and self._req.subprocess_env['HTTPS'] == 'on'
def _load_post_and_files(self): def _load_post_and_files(self):
"Populates self._post and self._files" "Populates self._post and self._files"
if self._req.headers_in.has_key('content-type') and self._req.headers_in['content-type'].startswith('multipart'): if self._req.headers_in.has_key('content-type') and self._req.headers_in['content-type'].startswith('multipart'):

3
django/core/handlers/wsgi.py
View File

@ -66,6 +66,9 @@ class WSGIRequest(http.HttpRequest):
def get_full_path(self): def get_full_path(self):
return '%s%s' % (self.path, self.environ.get('QUERY_STRING', '') and ('?' + self.environ.get('QUERY_STRING', '')) or '') return '%s%s' % (self.path, self.environ.get('QUERY_STRING', '') and ('?' + self.environ.get('QUERY_STRING', '')) or '')
def is_secure(self):
return self.environ.has_key('HTTPS') and self.environ['HTTPS'] == 'on'
def _load_post_and_files(self): def _load_post_and_files(self):
# Populates self._post and self._files # Populates self._post and self._files
if self.method == 'POST': if self.method == 'POST':

4
django/http/__init__.py
View File

@ -1,3 +1,4 @@
import os
from Cookie import SimpleCookie from Cookie import SimpleCookie
from pprint import pformat from pprint import pformat
from urllib import urlencode, quote from urllib import urlencode, quote
@ -38,6 +39,9 @@ class HttpRequest(object):
def get_full_path(self): def get_full_path(self):
return '' return ''
def is_secure(self):
return os.environ.get("HTTPS") == "on"
def parse_file_upload(header_dict, post_data): def parse_file_upload(header_dict, post_data):
"Returns a tuple of (POST MultiValueDict, FILES MultiValueDict)" "Returns a tuple of (POST MultiValueDict, FILES MultiValueDict)"
import email, email.Message import email, email.Message

4
django/middleware/common.py
View File

@ -1,7 +1,7 @@
from django.conf import settings from django.conf import settings
from django import http from django import http
from django.core.mail import mail_managers from django.core.mail import mail_managers
import md5, os import md5
class CommonMiddleware(object): class CommonMiddleware(object):
""" """
@ -44,7 +44,7 @@ class CommonMiddleware(object):
if new_url != old_url: if new_url != old_url:
# Redirect # Redirect
if new_url[0]: if new_url[0]:
newurl = "%s://%s%s" % (os.environ.get('HTTPS') == 'on' and 'https' or 'http', new_url[0], new_url[1]) newurl = "%s://%s%s" % (request.is_secure() and 'https' or 'http', new_url[0], new_url[1])
else: else:
newurl = new_url[1] newurl = new_url[1]
if request.GET: if request.GET:

4
django/views/debug.py
View File

@ -124,7 +124,7 @@ def technical_500_response(request, exc_type, exc_value, tb):
'frames': frames, 'frames': frames,
'lastframe': frames[-1], 'lastframe': frames[-1],
'request': request, 'request': request,
'request_protocol': os.environ.get("HTTPS") == "on" and "https" or "http", 'request_protocol': request.is_secure() and "https" or "http",
'settings': get_safe_settings(), 'settings': get_safe_settings(),
'template_info': template_info, 'template_info': template_info,
'template_does_not_exist': template_does_not_exist, 'template_does_not_exist': template_does_not_exist,
@ -149,7 +149,7 @@ def technical_404_response(request, exception):
'urlpatterns': tried, 'urlpatterns': tried,
'reason': str(exception), 'reason': str(exception),
'request': request, 'request': request,
'request_protocol': os.environ.get("HTTPS") == "on" and "https" or "http", 'request_protocol': request.is_secure() and "https" or "http",
'settings': get_safe_settings(), 'settings': get_safe_settings(),
}) })
return HttpResponseNotFound(t.render(c), mimetype='text/html') return HttpResponseNotFound(t.render(c), mimetype='text/html')

4
docs/request_response.txt
View File

@ -150,6 +150,10 @@ Methods
Example: ``"/music/bands/the_beatles/?print=true"`` Example: ``"/music/bands/the_beatles/?print=true"``
``is_secure()``
Returns ``True`` if the request is secure; that is, if it was made with
HTTPS.
QueryDict objects QueryDict objects
----------------- -----------------