On Monday, April 16, 2018 at 11:21:57 AM UTC-4, Ramos wrote:
>
> i prefer this tip from other post
>
> in models...
> session.secure()
> if not request.is_https:
>    redirect(URL(scheme='https', args=request.args, vars=request.vars))
>

request.requires_https() is preferable to the above, as it does the same, 
but also ensures there is no redirect in case the code is being run by the 
web2py shell, the scheduler, or a cron job. It also forgets the session 
before the redirect so anything added to the session during the initial 
http request is not persisted into the https session.

Anthony

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to