[Twisted-web] Enforcing SSL for non-SSL requests

Tommi Virtanen tv at twistedmatrix.com
Wed Aug 10 10:33:50 MDT 2005

Marek Habersack wrote:
>   I'm trying to find a way for a Nevow-based application to enforce SSL
> connection on the client when they come in using insecure HTTP. Currently
> when the client comes in using a http://site.com URL typed in the browser,
> they will get no error and no response from the server as the connection is
> closed. The application log reveals the following:

Your SSL problem has to do with trying to talk non-SSL protocols to an
SSL port, as mentioned elsewhere in this thread.

Apart from that, here's what I've done before:

class MakeSecure(object):
    __implements__ = inevow.IResource,

    def __init__(self, wrapped, port=None, *a, **kw):
        super(MakeSecure, self).__init__(*a, **kw)
        self.wrapped = wrapped
        self.port = port

    def locateChild(self, ctx, segments):
        request = inevow.IRequest(ctx)
        if request.isSecure():
            return self.wrapped, segments
            u = url.URL.fromRequest(request)
            for seg in segments:
                u = u.child(seg)
            return u.secure(port=self.port), ()

    def renderHTTP(self, ctx):
        request = inevow.IRequest(ctx)
        if request.isSecure():
            return self.wrapped.renderHTTP(ctx)
            u = url.URL.fromRequest(request)
            u = u.secure(port=self.port)
            return inevow.IResource(u).renderHTTP(ctx)

for that, svn co http://divmod.org/svn/Nevow/sandbox/tv and see the
makesecure subdirectory.

You may also be interested in the branchsecure directory.

More information about the Twisted-web mailing list