On 9/24/07, Graham Dumpleton <[EMAIL PROTECTED]> wrote:
>
> In WSGI indication of https is specified by:
>
> wsgi.url_scheme A string representing the "scheme" portion of the URL
> at which the application is being invoked. Normally, this will have
> the value "http" or "https", as appropriate.
>
> If HTTPS is being set then it is incidental and should not be relied
> upon. If the internals of Django is expecting HTTPS to be set...
> [...]
>
Fortunately this is being handled by an abstraction in the form of a is_secure()
method on the Django handler classes on django.core.handlers.
Perhaps a patch like this would solve Jeffrey problems?:
--- a/django/core/handlers/wsgi.py Mon Sep 24 15:27:42 2007 -0300
+++ b/django/core/handlers/wsgi.py Mon Sep 24 20:56:59 2007 -0300
@@ -105,7 +105,7 @@ class WSGIRequest(http.HttpRequest):
return '%s%s' % (self.path, self.environ.get('QUERY_STRING',
'') and ('?' + self.environ.get('QUERY_STRING', '')) or '')
def is_secure(self):
- return 'HTTPS' in self.environ and self.environ['HTTPS'] == 'on'
+ return 'wsgi.url_scheme' in self.environ and
self.environ['wsgi.url_scheme'] == 'https'
def _load_post_and_files(self):
# Populates self._post and self._files
Regards,
--
Ramiro Morales
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-developers?hl=en
-~----------~----~----~----~------~----~------~--~---
