[Twisted-web] Enforcing SSL for non-SSL requests

Christopher Armstrong radeex at gmail.com
Tue Aug 9 19:30:42 MDT 2005


On 8/10/05, Marek Habersack <grendel at caudium.net> wrote:
> Hello everybody,
> 
>   I'm trying to find a way for a Nevow-based application to enforce SSL
> connection on the client when they come in using insecure HTTP. Currently
> when the client comes in using a http://site.com URL typed in the browser,
> they will get no error and no response from the server as the connection is
> closed. The application log reveals the following:



My application started out using twisted.web.util.ChildRedirector to
the https URL for *all* plain http requests, but then we realised we
needed some resources to be accessible over non-HTTPS (for various
boring reasons) we wrote our own FancyRedirectory that looked a lot
like ChildRedirector but made exceptions for certain paths in
getChild.


-- 
  Twisted   |  Christopher Armstrong: International Man of Twistery
   Radix    |    -- http://radix.twistedmatrix.com
            |  Release Manager, Twisted Project
  \\\V///   |    -- http://twistedmatrix.com
   |o O|    |  
w----v----w-+



More information about the Twisted-web mailing list