Hi,
Steven was right there is a line
os.environ.update(req.subprocess_env) in mod_python handler.
which sets the 'HTTPS' :'on' in os.environ if https is active.
Adrain:
I tried running the metadata view there is nothing in META, that would
tell if https is active.
I wonder if it still would be useful, to have that info in META anyway.
I mean some sort of abstraction so that user doesn't have to worry
about whether his django code is run by mod_python or wsgi or whatever
else. Or perhaps to make it a policy that that info is always
available in os.environ regardless of the handler being used.
Now that we are discussing this fine framework and HTTPS, here is my
second problem.
As I mentioned I have a server that can be accessed by both https and http.
All is fine except MEDIA_URL setting.
What happens is that MEDIA_URL needs to change if one uses separate
server for media and one for django code (See function _get_FIELD_url
which is using MEDIA_URL to assemble url to the image).
If MEDIA_URL stays pointed at http user gets complaints from the
browser that the secure page is containing insecure items.
Now I solved it by using middleware like this (note the HTTPS is
present in meta because i patched my version of django).
import django.conf.settings
class MediaUrlMiddleware:
def process_request(self, request):
django.conf.settings.MEDIA_URL = django.conf.settings.HTTP_MEDIA_URL
if 'HTTPS' in request.META:
if request.META['HTTPS'] == 'on':
django.conf.settings.MEDIA_URL =
django.conf.settings.HTTPS_MEDIA_URL
return None
Is this a good way to go about this? Any thoughts?
Thanks
jakub
On 5/5/06, Adrian Holovaty <[EMAIL PROTECTED]> wrote:
>
> On 5/5/06, Jakub Labath <[EMAIL PROTECTED]> wrote:
> > Thanks but I don't seem to have the 'wsgi.url_scheme' available in my
> > request.META could it be becuase I'm using apache and mod_python?
>
> Yeah, 'wsgi.url_scheme' is only available via the WSGI handler, not
> the mod_python handler.
>
> I know there's some way to detect HTTPS, but I can't remember it, and
> I don't have access to an HTTPS Django installation that I can easily
> check on...
>
> There's a sample Django view called "metadata()" in
> examples/hello/views.py in the new, post-magic-removal trunk. Run that
> view on your HTTPS server to see all request.META keys. If you find
> it, let me know, and I'll update the docs.
>
> If you're not running the new trunk yet, you should just be able to
> copy that view off of this page:
>
> http://code.djangoproject.com/browser/django/trunk/examples/hello/views.py
>
> Adrian
>
> --
> Adrian Holovaty
> holovaty.com | djangoproject.com
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-developers
-~----------~----~----~----~------~----~------~--~---
