[Twisted-web] Enforcing SSL for non-SSL requests
Tommi Virtanen
tv at twistedmatrix.com
Wed Aug 10 10:33:50 MDT 2005
Marek Habersack wrote:
> I'm trying to find a way for a Nevow-based application to enforce SSL
> connection on the client when they come in using insecure HTTP. Currently
> when the client comes in using a http://site.com URL typed in the browser,
> they will get no error and no response from the server as the connection is
> closed. The application log reveals the following:
Your SSL problem has to do with trying to talk non-SSL protocols to an
SSL port, as mentioned elsewhere in this thread.
Apart from that, here's what I've done before:
class MakeSecure(object):
__implements__ = inevow.IResource,
def __init__(self, wrapped, port=None, *a, **kw):
super(MakeSecure, self).__init__(*a, **kw)
self.wrapped = wrapped
self.port = port
def locateChild(self, ctx, segments):
request = inevow.IRequest(ctx)
if request.isSecure():
return self.wrapped, segments
else:
u = url.URL.fromRequest(request)
for seg in segments:
u = u.child(seg)
return u.secure(port=self.port), ()
def renderHTTP(self, ctx):
request = inevow.IRequest(ctx)
if request.isSecure():
return self.wrapped.renderHTTP(ctx)
else:
u = url.URL.fromRequest(request)
u = u.secure(port=self.port)
return inevow.IResource(u).renderHTTP(ctx)
for that, svn co http://divmod.org/svn/Nevow/sandbox/tv and see the
makesecure subdirectory.
You may also be interested in the branchsecure directory.
More information about the Twisted-web
mailing list