Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Explicitly set url scheme when passing X-Forwarded-Proto #7

Merged
merged 7 commits into from
Mar 6, 2015
Merged

Explicitly set url scheme when passing X-Forwarded-Proto #7

merged 7 commits into from
Mar 6, 2015

Conversation

blaix
Copy link
Contributor

@blaix blaix commented Mar 5, 2015

This will let non-secure proxies tell a secure service to construct http URLs instead of https.

blaix added 4 commits March 5, 2015 04:49
@blaix
whitespace fix
67c1942
@blaix
No need for this to be an attribute
3a642c5
@blaix
Set wsgi.url_scheme = HTTP_X_FORWARDED_PROTO
45becf1 
This will let non-secure proxies tell a secure service to construct http
URLs instead of https.
@blaix
Only allow setting scheme to http or https
b2256cd 
and default to http

Slightly more secure?
@thomasw
Copy link

thomasw commented Mar 5, 2015

As discussed on our call, we should be able to just toggle the HTTPS environ to on or off. Though, what you're doing here may be better because we might be able to eliminate the csrf monkey patch that we have. Maybe we should do both though?

https://github.com/django/django/blob/1.6.9/django/http/request.py#L119-L120

@blaix
Copy link
Contributor Author

blaix commented Mar 5, 2015

I think we should do both.

blaix added 3 commits March 6, 2015 05:29
@blaix
Refactor: move scheme setting to a function
bcc2f5f 
I'm about to expand on what it means to set the scheme so I moved it to
a function.
@blaix
Move set_scheme tests to their own class
11ac8cd 
I'm about to expand on what happens in this function
@blaix
Set HTTPS in environ based on forwarded scheme
3be1da7 
See: #7 (comment)
@blaix
Copy link
Contributor Author

blaix commented Mar 6, 2015

updated

@thomasw
Copy link

thomasw commented Mar 6, 2015

👍

blaix added a commit that referenced this pull request Mar 6, 2015
@blaix
Merge pull request #7 from yola/fix_scheme
ec90d95 
Explicitly set url scheme when passing X-Forwarded-Proto
@blaix blaix merged commit ec90d95 into master Mar 6, 2015
@blaix blaix deleted the fix_scheme branch March 6, 2015 21:53
blaix added a commit that referenced this pull request Mar 6, 2015
@blaix
Rewrite README
1d0c3a8 
This started as me adding docs for the changes in
#7 but ended up as a rewrite.

I think this reads better and also generalizes things as "fixing URLs"
instead of just prefixing SCRIPT_NAME.
@blaix blaix mentioned this pull request Mar 6, 2015
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@blaix @thomasw