Snippet List
This middleware redirects HTTP requests to HTTPS for some specified URLs, in the same way as [85](http://djangosnippets.org/snippets/85/). It also changes the `url` template tag to use the `https` scheme for the same URLs. For example, if you have the following URL pattern:
url(r'^accounts/login/$', 'django.contrib.auth.views.login', {'https': True})
then the template:
{% from future import url %}
{% url 'django.contrib.auth.views.login' %}
will render:
https://host.example.com/accounts/login/
and any plain HTTP requests to /accounts/login get redirected to HTTPS. URL patterns not marked with `'https': True` remain unaffected.
Notes:
* The HttpRequest object must be present in the template context as `request`, so add `django.core.context_processors.request` to `TEMPLATE_CONTEXT_PROCESSORS` and make sure to use `RequestContext`.
* This snippet overrides the existing `url` template tag. Remove the last line and register the new `url` function properly, as a separate tag, if this makes you unhappy. You'd then have to change your templates to use it.
* It would be nicer to change the way reverse look-ups behave instead of changing only the `url` template tag, but the URL resolver, and the `reverse` function, know nothing about requests, so have no way to find the correct host name.
- middleware
- template
- url
- ssl
- reverse
- https
- redirection
- tls
Allows url patterns to include a boolean indicating whether a view requires
TLS(SSL). The accompanying middleware handles the redirects needed to make
sure that it upholds this requirement.
**WARNING**: this monkey-patches some Django internals and is difficult to test
since Django's TestClient does not support TLS. If you use this make sure you
test it thouroughly.
Add this to your Django settings
USE_TLS = True # The default for this setting is False.
URL pattern usage
url(r'^login$', 'myproject.login.index',
{'require_tls': True}, name='login-index'),
Use `require_tls` True to force the middleware to perform redirects needed to
make sure your are serving this view using https.
Use `require_tls` False to force the middleware to redirect to http. Be
careful with this setting, this may not behave as you expect. If you don't
care if the view is served via https or http then do not include
`require_tls` in the pattern.
If you wish to have every view in the site served with TLS then specify the
following Django setting
ALWAYS_USE_TLS = True # Django setting, use TLS for every view
- middleware
- http
- ssl
- https
- tls
See docstrings for details. To use, add to `MIDDLEWARE_CLASSES` in `settings.py`, and in your `views.py`:
1. `from path.to.this.middleware import secure`
2. Decorate SSL views with `@secure`
- middleware
- ssl
- https
- redirection
- href
On WebFaction, each host has it's own Apache instance, with WebFaction's main Apache instance forwarding requests. This is very useful but means that some of the original information is lost. This middleware should be installed at the top of your list to restore this lost info.
It includes the functionality that used to be in SetRemoteAddrFromForwardedFor before it was removed from Django.
- middleware
- ssl
- webfaction
- https
6 snippets posted so far.