On Thu, May 27, 2010 at 12:02 PM, daniel <[email protected]> wrote:
> Thank you for great comments and thank you to Mike too for additional
> precious inputs. I discovered the low port number story while trying
> to understand the issue.
>
> Acually it was masking another problem that I found while setting the
> port at 4443. Hopefully I could solve it.
>
> The error was the following:
>
> File "... python2.6/SocketServer.py", line 257, in handle_request
> timeout = self.socket.gettimeout()
> AttributeError: TSafeConnection instance has no attribute 'gettimeout'
> 20:04:58,828 INFO [paste.httpserver.ThreadPool] [Dummy-2] Shutting
> down threadpool
> 20:04:58,828 INFO [paste.httpserver.ThreadPool] [Dummy-2] All workers
> stopped
>
> After some googling I discovered a patch was missing into my
> application on the ...lib/python2.6/site-packages/paste/httpserver.py
> file
>
> details of the patch at http://trac.pythonpaste.org/pythonpaste/ticket/314
>
> Thank you to both again
>
> Actually this is my first pylons application and I didn't yet come to
> the production settings.
> From your comments I understand that to cope with mixed http and https
> (and perahps also generally speaking) it would be better setting the
> production serving environment with apache/mod_wsgi rather than
> PROXYING requests from apache to the paste server.
I use Apache for SSL and proxy to PasteHTTPServer, which is running
HTTP and listening only on localhost. My sites don't mix HTTPS and
HTTP in the same site. However, sometimes I have to know whether it's
using HTTPS; e.g., to generate an absolute URL for an email. With CGI
there would be an automatic envvar for this, but with mod_proxy I had
to set an extra HTTP header:
# Apache config
RequestHeader set HTTPS 1
# In the controller
protocol = request.environ.get("HTTP_HTTPS" and "https" or "http")
> Also a curiosity : is anyone making use of the @https decorator ? (or
> should I simply forget about it)
I wouldn't put a high priority on using it, but I don't know of
anything bad about it. Again, this can be handled with Apache
rewrites.
And good URL theory would seem to indicate (although this may be
controversial) that there should be ONE URL for each page, either HTTP
or HTTPS but not both. So redirecting all HTTP requests to the HTTPS
home page makes sense, but redirecting every HTTP page to its HTTPS
equivalent or such doesn't make as much sense. But you may have to
redirect to HTTPS for certain important URLs like logging in, if the
user is likely to type the HTTP url by mistake.
--
Mike Orr <[email protected]>
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en.
