On Thu, Jul 20, 2017 at 8:02 AM, Logan Anderson <lander...@clacorp.com> wrote:
> Hey guys, > > > I have a list of custom plugins I wrote which I had to modify so urllib2 > would use SSL because I just forced my Trac install to SSL. Trac 1.2, for > reference. > > My question is this: > I see a few other plugins such as SimpleMultiProject using SSL to make > calls which appear to be going back to the base URL for Trac. I am not > currently seeing any major breakage or specific errors, but I was wondering > if you guys have any insight on whether this would be handled correctly > already within that plugin? > > This is basically the line I had to add to my plugin to make it function: > > gcontext = ssl.SSLContext(ssl.PROTOCOL_TLSv1) > > info = urllib2.urlopen(req, context=gcontext).read() > > Obviously straight out of stack overflow. Do you guys have any insight on > running a site SSL only in this way? Have you run into any major issues in > the past? So far everything seems functional after modifying my own > plugins. Just trying to think of anything I may be missing. > I have never encountered a situation in which a plugin needed to be concerned about whether the protocol was using SSL. To force SSL, you should configure your webserver to redirect http:// -> https://. That is how we've configured Apache for trac-hacks.org, trac.edgewall.org, etc ... - Ryan -- You received this message because you are subscribed to the Google Groups "Trac Development" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-dev+unsubscr...@googlegroups.com. To post to this group, send email to trac-dev@googlegroups.com. Visit this group at https://groups.google.com/group/trac-dev. For more options, visit https://groups.google.com/d/optout.
