incubator-allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tvansteenbu...@apache.org
Subject [01/50] git commit: [#6668] additional notes about forcing ssl
Date Fri, 04 Oct 2013 23:23:07 GMT
Updated Branches:
  refs/heads/tv/6670 92f981984 -> f6d23e97f (forced update)


[#6668] additional notes about forcing ssl


Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/06ef8f5d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/06ef8f5d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/06ef8f5d

Branch: refs/heads/tv/6670
Commit: 06ef8f5d4572aa032d0b581da08c7630c97091f1
Parents: a2e0c4b
Author: Dave Brondsema <dbrondsema@slashdotmedia.com>
Authored: Thu Oct 3 21:26:00 2013 +0000
Committer: Dave Brondsema <dbrondsema@slashdotmedia.com>
Committed: Thu Oct 3 21:26:00 2013 +0000

----------------------------------------------------------------------
 Allura/allura/lib/custom_middleware.py | 4 ++++
 Allura/development.ini                 | 5 ++++-
 2 files changed, 8 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/06ef8f5d/Allura/allura/lib/custom_middleware.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/custom_middleware.py b/Allura/allura/lib/custom_middleware.py
index e6b9037..e5fef4f 100644
--- a/Allura/allura/lib/custom_middleware.py
+++ b/Allura/allura/lib/custom_middleware.py
@@ -165,6 +165,10 @@ class SSLMiddleware(object):
             resp = exc.HTTPNotFound()
         secure = req.url.startswith('https://')
         srv_path = req.url.split('://', 1)[-1]
+        # This SFUSER check is SourceForge-specific (to require all logged-in users to use
https)
+        # BUT has the additional affect of not forcing SSL for regular Allura instances
+        # This is important for local development, at least.  When we remove SFUSER (perhaps
by requiring SSL everywhere),
+        # we can use `no_redirect.pattern = .` for local development to work without SSL
         force_ssl = req.cookies.get('SFUSER') or self._force_ssl_re.match(environ['PATH_INFO'])
         if not secure and force_ssl:
             resp = exc.HTTPFound(location='https://' + srv_path)

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/06ef8f5d/Allura/development.ini
----------------------------------------------------------------------
diff --git a/Allura/development.ini b/Allura/development.ini
index 8dcf5f7..cff48fd 100644
--- a/Allura/development.ini
+++ b/Allura/development.ini
@@ -90,8 +90,11 @@ auth.ldap.schroot_name = scm
 #  script_name is the path that is handled by the application
 #  url_base is the prefix that references to the static resources should have
 no_redirect.pattern = ^/nf/\d+/_(ew|static)_/.*|^/rest/.*
-# Pages that must always be SSL, such as ones using the login overlay
+# Pages that must always be SSL even when logged out, such as ones using the login overlay
 force_ssl.pattern = ^/[a-z0-9-]+/import_project/
+# to make all pages use ssl, even when not logged in:
+# force_ssl.pattern = .
+
 ew.script_name = /nf/%(build_key)s/_ew_/
 ew.url_base = /nf/%(build_key)s/_ew_/
 # ew.url_base = ://a.fsdn.com/allura/nf/%(build_key)s/_ew_/


Mime
View raw message