Re: ssl/nossl behind apache
user name
2008-02-24 04:16:46
Setting a custom header, as Jason suggested, is a way to go - thanks a lot!

But I noticed that when cherrypy adds a trailing slash it redirects from https back to http connection. The solution seems to be to set up an additional "X-Forwarded-Proto" header to "https" in a similar manner, then proxy tool sets request.base properly.

Regarding make_secure tool presented in wiki: http://tools.cherrypy.org/wiki/ApacheSSL. Quietly redirecting user to a secure url after reading headers sent over a regular connection is a bad approach IMHO. It just makes you to ignore security problems like the trailing slash problem above.

On Feb 6, 10:20 am, Jason Earl <je...xmission.com> wrote:
> Sylvain Hellegouarch <s...defuze.org> writes:
> > Hey Jason,
>
> > That's an interesting solution. Would you mind putting it up on the
> > http://tools.cherrypy.org/wiki when you have some time please?
>
> > Thanks,
> > - Sylvain
>
> I have added a bit of documentation to the wiki about this, and I have
> created a small link to it in BehindApache.
>
> The page I created is:
>
> http://tools.cherrypy.org/wiki/ApacheSSL
>
> If someone could take a look at this and make sure that I am not leading
> people too far astray I would really appreciate it. Comments and
> criticism are definitely welcome. If the example isn't clear I would be
> happy to fix it.
>
> That was fun. I think I will do something similar for SimpleTAL.
>
> Jason
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the
Google Groups "cherrypy-users" group.
To post to this group, send email to cherrypy-users@googlegroups.com
To unsubscribe from this group, send email to
cherrypy-users-unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cherrypy-users?hl=en
-~----------~----~----~----~------~----~------~--~---
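As an added illustration (not code from this thread or from CherryPy's own proxy tool), the following Python sketch models why a trailing-slash redirect generated behind a TLS-terminating Apache drops from https to http unless the proxy also forwards the original scheme in X-Forwarded-Proto, and why such headers should only be honoured on requests that actually arrived through the proxy. The function and parameter names are assumptions; only the header names come from the thread.

```python
# Added illustration, not CherryPy's own code: models how an application
# behind a TLS-terminating reverse proxy computes its base URL (the
# analogue of request.base) and the Location of an "add trailing slash"
# redirect. Function and parameter names are assumptions.


def base_url(headers, local_scheme="http", local_host="127.0.0.1:8080",
             trust_proxy_headers=True):
    """Return 'scheme://host' for building absolute URLs.

    Without the proxy the backend only knows its own plain-HTTP listener,
    so every absolute URL it emits would say http://. The proxy therefore
    forwards the public host and scheme in X-Forwarded-Host and
    X-Forwarded-Proto. Those headers are client-controllable unless the
    proxy overwrites them, so honour them only for requests that really
    came through the proxy (trust_proxy_headers).
    """
    scheme, host = local_scheme, local_host
    if trust_proxy_headers:
        # HTTP header names are case-insensitive.
        h = {k.lower(): v for k, v in headers.items()}
        host = h.get("x-forwarded-host", host)
        scheme = h.get("x-forwarded-proto", scheme).lower()
    return f"{scheme}://{host}"


def trailing_slash_redirect(headers, path, **kw):
    """Location header for the trailing-slash redirect, or None if the
    path already ends in '/'. kw is passed through to base_url."""
    if path.endswith("/"):
        return None
    return base_url(headers, **kw) + path + "/"


# Constructed sample headers, as Apache would send them to the backend.
WITHOUT_PROTO = {"X-Forwarded-Host": "www.example.com"}
WITH_PROTO = {"X-Forwarded-Host": "www.example.com",
              "X-Forwarded-Proto": "https"}

if __name__ == "__main__":
    # Only the host is forwarded: the redirect drops from https to http.
    print(trailing_slash_redirect(WITHOUT_PROTO, "/app"))
    # Scheme forwarded too: the redirect stays on https.
    print(trailing_slash_redirect(WITH_PROTO, "/app"))
    # Header present but request did not come via the proxy: ignored.
    print(trailing_slash_redirect(WITH_PROTO, "/app", trust_proxy_headers=False))
```

The same reasoning applies to any absolute URL the application builds, not only the trailing-slash redirect, so the proxy should set X-Forwarded-Proto for every request it terminates TLS for.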


Re: ssl/nossl behind apache
user name
2008-02-24 05:29:36
gazum wrote:
> Setting a custom header, as Jason suggested, is a way to go - thanks a
> lot!
>
> But I noticed that when cherrypy adds a trailing slash it redirects
> from https back to http connection. The solution seems to be to set up
> an additional "X-Forwarded-Proto" header to "https" in a similar
> manner, then proxy tool sets request.base properly.
>
> Regarding make_secure tool presented in wiki:
> http://tools.cherrypy.org/wiki/ApacheSSL. Quietly redirecting user to a
> secure url after reading headers sent over a regular connection is a bad
> approach IMHO. It just makes you to ignore security problems like the
> trailing slash problem above.

Fair point. It might be interesting to expand that article with a potential use case showing the risks to be aware of.

Also note that the demonstrated tool should silently redirect the client for GET requests, but on POST requests the client should warn and ask the user whether or not the redirection can be performed.

- Sylvain


