On Fri, 2012-01-27 at 05:33 -0800, guyc wrote:
> Had a look at the PrefixMiddleware, though from reading the example on
> http://pythonpaste.org/deploy/class-paste.deploy.config.PrefixMiddleware.html
> I need to figure out how to apply this to the /login scenario, ie how
> to get the middleware to only target certain urls to have the scheme
> changed to https.

It's your job to redirect them to https when you want them to be on
https. In essence, your site should be serveable via both HTTPS and
HTTP in entirety, and if they reach an http://foo URL that they should
be accessing via https://foo you should redirect them over to
https://foo. That can be done in your web server or in your
application. The middleware isn't responsible for that.

In reality, these days, it's largely pointless to serve your login page
over https and everything else over http due to attacks like Firesheep.
Most people who use https end up turning it on for all authenticated
requests.

> Intuitively, this seems like something that should be configured in
> view code. Would this be a bad idea?

"Configured" is probably not the right word. "Coded" might be though.

>
> On Jan 25, 9:39 pm, Chris McDonough <[email protected]> wrote:
> > On Wed, 2012-01-25 at 13:19 -0800, guyc wrote:
> > > Hi
> > >
> > > Apologies if I've missed this in the docs but I need a bit of steer
> > > with using https and pyramid. Thinking of using nginx as a proxy as
> > > per the docs deployment example and want to know if the recommended
> > > approach is to use rewrite rules at the proxy level to switch to https
> > > or should this be done in pyramid. If the latter, then how is this
> > > achieved?
> > >
> > > E.g. if a user requests http://mysite//login and this needs to go over
> > > https, how can this be switched/redirected to https://mysite//login in
> > > pyramid?
> >
> > If you're using the latest Pyramid (which uses Waitress as a default
> > WSGI server), see:
> >
> > http://docs.pylonsproject.org/projects/waitress/en/latest/#using-behi...
> >
> > Most of that advice is applicable for any WSGI server, FWIW.
> >
> > - C
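
Added example, not part of the original thread and not Pyramid's or Waitress's own code: one way to do the "redirect them over to https" step in the application, as plain WSGI middleware that sends every http request to https. The names ForceHTTPS, demo_app and mysite.example are hypothetical, and it assumes the nginx proxy runs on 127.0.0.1 and sets X-Forwarded-Proto itself (for example with `proxy_set_header X-Forwarded-Proto $scheme;`).

```python
# Added example, not code from the thread. Plain WSGI, standard library only.
from urllib.parse import quote


class ForceHTTPS:
    """Redirect plain-HTTP requests to https:// on a fixed canonical host."""

    def __init__(self, app, canonical_host, trusted_proxies=("127.0.0.1",)):
        self.app = app
        self.canonical_host = canonical_host      # assumption: set by the deployer
        self.trusted_proxies = set(trusted_proxies)

    def effective_scheme(self, environ):
        # X-Forwarded-Proto is client-controllable unless the proxy overwrites
        # it, so honour it only when the direct peer is our own proxy.
        if environ.get("REMOTE_ADDR") in self.trusted_proxies:
            proto = environ.get("HTTP_X_FORWARDED_PROTO", "").strip().lower()
            if proto in ("http", "https"):
                return proto
        return environ.get("wsgi.url_scheme", "http")

    def __call__(self, environ, start_response):
        scheme = self.effective_scheme(environ)
        environ["wsgi.url_scheme"] = scheme       # so the app builds https URLs
        if scheme == "https":
            return self.app(environ, start_response)
        # Build Location from the configured host, never from the Host header.
        path = quote(environ.get("SCRIPT_NAME", "") + environ.get("PATH_INFO", ""),
                     safe="/;=,", encoding="latin-1")
        query = environ.get("QUERY_STRING", "")
        location = "https://" + self.canonical_host + path
        if query:
            location += "?" + query
        start_response("301 Moved Permanently",
                       [("Location", location), ("Content-Length", "0")])
        return [b""]


def demo_app(environ, start_response):
    """Constructed stand-in for the real application."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [environ["wsgi.url_scheme"].encode("ascii")]


app = ForceHTTPS(demo_app, canonical_host="mysite.example")
```

The redirect only moves later requests to https; it cannot protect whatever the first plain-http request already carried, so session cookies should also be marked Secure.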
