Show More
@@ -1,71 +1,70 b'' | |||||
1 | # -*- coding: utf-8 -*- |
|
1 | # -*- coding: utf-8 -*- | |
2 | # This program is free software: you can redistribute it and/or modify |
|
2 | # This program is free software: you can redistribute it and/or modify | |
3 | # it under the terms of the GNU General Public License as published by |
|
3 | # it under the terms of the GNU General Public License as published by | |
4 | # the Free Software Foundation, either version 3 of the License, or |
|
4 | # the Free Software Foundation, either version 3 of the License, or | |
5 | # (at your option) any later version. |
|
5 | # (at your option) any later version. | |
6 | # |
|
6 | # | |
7 | # This program is distributed in the hope that it will be useful, |
|
7 | # This program is distributed in the hope that it will be useful, | |
8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
10 | # GNU General Public License for more details. |
|
10 | # GNU General Public License for more details. | |
11 | # |
|
11 | # | |
12 | # You should have received a copy of the GNU General Public License |
|
12 | # You should have received a copy of the GNU General Public License | |
13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
14 | """ |
|
14 | """ | |
15 | kallithea.config.middleware.https_fixup |
|
15 | kallithea.config.middleware.https_fixup | |
16 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
16 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
17 |
|
17 | |||
18 | middleware to handle https correctly |
|
18 | middleware to handle https correctly | |
19 |
|
19 | |||
20 | This file was forked by the Kallithea project in July 2014. |
|
20 | This file was forked by the Kallithea project in July 2014. | |
21 | Original author and date, and relevant copyright and licensing information is below: |
|
21 | Original author and date, and relevant copyright and licensing information is below: | |
22 | :created_on: May 23, 2010 |
|
22 | :created_on: May 23, 2010 | |
23 | :author: marcink |
|
23 | :author: marcink | |
24 | :copyright: (c) 2013 RhodeCode GmbH, and others. |
|
24 | :copyright: (c) 2013 RhodeCode GmbH, and others. | |
25 | :license: GPLv3, see LICENSE.md for more details. |
|
25 | :license: GPLv3, see LICENSE.md for more details. | |
26 | """ |
|
26 | """ | |
27 |
|
27 | |||
28 |
|
28 | |||
29 | import kallithea |
|
|||
30 | from kallithea.lib.utils2 import asbool |
|
29 | from kallithea.lib.utils2 import asbool | |
31 |
|
30 | |||
32 |
|
31 | |||
33 | class HttpsFixup(object): |
|
32 | class HttpsFixup(object): | |
34 |
|
33 | |||
35 | def __init__(self, app, config): |
|
34 | def __init__(self, app, config): | |
36 | self.application = app |
|
35 | self.application = app | |
37 | self.config = config |
|
36 | self.config = config | |
38 |
|
37 | |||
39 | def __call__(self, environ, start_response): |
|
38 | def __call__(self, environ, start_response): | |
40 | self.__fixup(environ) |
|
39 | self.__fixup(environ) | |
41 | debug = asbool(self.config.get('debug')) |
|
40 | debug = asbool(self.config.get('debug')) | |
42 | is_ssl = environ['wsgi.url_scheme'] == 'https' |
|
41 | is_ssl = environ['wsgi.url_scheme'] == 'https' | |
43 |
|
42 | |||
44 | def custom_start_response(status, headers, exc_info=None): |
|
43 | def custom_start_response(status, headers, exc_info=None): | |
45 | if is_ssl and asbool(self.config.get('use_htsts')) and not debug: |
|
44 | if is_ssl and asbool(self.config.get('use_htsts')) and not debug: | |
46 | headers.append(('Strict-Transport-Security', |
|
45 | headers.append(('Strict-Transport-Security', | |
47 | 'max-age=8640000; includeSubDomains')) |
|
46 | 'max-age=8640000; includeSubDomains')) | |
48 | return start_response(status, headers, exc_info) |
|
47 | return start_response(status, headers, exc_info) | |
49 |
|
48 | |||
50 | return self.application(environ, custom_start_response) |
|
49 | return self.application(environ, custom_start_response) | |
51 |
|
50 | |||
52 | def __fixup(self, environ): |
|
51 | def __fixup(self, environ): | |
53 | """ |
|
52 | """ | |
54 | Function to fixup the environ as needed. In order to use this |
|
53 | Function to fixup the environ as needed. In order to use this | |
55 | middleware you should set this header inside your |
|
54 | middleware you should set this header inside your | |
56 | proxy ie. nginx, apache etc. |
|
55 | proxy ie. nginx, apache etc. | |
57 | """ |
|
56 | """ | |
58 | proto = None |
|
57 | proto = None | |
59 |
|
58 | |||
60 | # if we have force, just override |
|
59 | # if we have force, just override | |
61 | if asbool(self.config.get('force_https')): |
|
60 | if asbool(self.config.get('force_https')): | |
62 | proto = 'https' |
|
61 | proto = 'https' | |
63 | else: |
|
62 | else: | |
64 | # get protocol from configured WSGI environment variable |
|
63 | # get protocol from configured WSGI environment variable | |
65 |
url_scheme_variable = |
|
64 | url_scheme_variable = self.config.get('url_scheme_variable') | |
66 | if url_scheme_variable: |
|
65 | if url_scheme_variable: | |
67 | proto = environ.get(url_scheme_variable) |
|
66 | proto = environ.get(url_scheme_variable) | |
68 |
|
67 | |||
69 | if proto: |
|
68 | if proto: | |
70 | environ['wsgi._org_proto'] = environ.get('wsgi.url_scheme') |
|
69 | environ['wsgi._org_proto'] = environ.get('wsgi.url_scheme') | |
71 | environ['wsgi.url_scheme'] = proto |
|
70 | environ['wsgi.url_scheme'] = proto |
General Comments 0
You need to be logged in to leave comments.
Login now