Created
December 1, 2009 15:48
-
-
Save neilmock/246382 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SSL redirect middleware | |
# | |
# Use as follows in url configs: | |
# | |
# (r'^registration/', include('myapp.registration.urls'), {'SSL':True}), | |
from django.conf import settings | |
from django.http import HttpResponseRedirect, HttpResponsePermanentRedirect, get_host | |
SSL = 'SSL' | |
class SSLRedirect: | |
def process_request(self, request): | |
ssl_force = getattr(settings, 'SSL_FORCE', None) | |
if settings.SSL_ENABLED and ssl_force: | |
if not self._is_secure(request): | |
return self._redirect(request, True) | |
return None | |
def process_view(self, request, view_func, view_args, view_kwargs): | |
if SSL in view_kwargs: | |
secure = view_kwargs[SSL] | |
del view_kwargs[SSL] | |
else: | |
# none means I don't care if its secure or not, just let the request through | |
return None | |
if (not secure == self._is_secure(request)) and settings.SSL_ENABLED: | |
return self._redirect(request, secure) | |
def _is_secure(self, request): | |
if request.is_secure(): | |
return True | |
#Handle the Webfaction case until this gets resolved in the request.is_secure() | |
if 'HTTP_X_FORWARDED_SSL' in request.META: | |
return request.META['HTTP_X_FORWARDED_SSL'] == 'on' | |
return False | |
def _redirect(self, request, secure): | |
protocol = secure and "https" or "http" | |
newurl = "%s://%s%s" % (protocol,get_host(request),request.get_full_path()) | |
if settings.DEBUG and request.method == 'POST': | |
raise RuntimeError, \ | |
"""Django can't perform a SSL redirect while maintaining POST data. | |
Please structure your views so that redirects only occur during GETs.""" | |
return HttpResponsePermanentRedirect(newurl) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment