Issue 3996041: Use request.is_secure instead of HTTPS variable

Issue 3996041: Use request.is_secure instead of HTTPS variable (Closed)

Can't Edit
Can't Publish+Mail
Start Review

Created:
15 years, 5 months ago by techtonik

Modified:
15 years, 5 months ago

Reviewers:
Andi Albrecht

CC:
codereview-discuss_googlegroups.com

Base URL:
http://rietveld.googlecode.com/svn/trunk/

Visibility:
Public.

Description

Checking for HTTPS with environment variable provides unreliable detection of https connection. For example, Apache2 HTTPS is set to '1' instead of standard 'on' value when mod_wsgi is active https://issues.apache.org/bugzilla/show_bug.cgi?id=50581#c6 So it is better to use Django facilities.

Patch Set 1 #

Patch Set 2 : Use Django to detect if request is secure #

Created: 15 years, 5 months ago

Download [raw] [tar.bz2]

		Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+1 line, -1 line)			Patch
	M	codereview/views.py	View	1	1 chunk	+1 line, -1 line	0 comments	Download

Messages

Total messages: 8

Expand All Messages | Collapse All Messages

Andi Albrecht

Are you sure that this is the right code base for this change? IMO we ...

15 years, 5 months ago (2011-01-14 06:38:33 UTC) #2

techtonik

You're right. We should use Django native code where possible. http://docs.djangoproject.com/en/dev/ref/request-response/#django.http.HttpRequest.is_secure

15 years, 5 months ago (2011-01-14 11:25:11 UTC) #4

Andi Albrecht

On 2011/01/14 11:25:11, techtonik wrote: > You're right. We should use Django native code where ...

15 years, 5 months ago (2011-01-14 12:32:44 UTC) #5

techtonik

On 2011/01/14 12:32:44, Andi Albrecht wrote: > > Now I'm somewhat confused. django.http.HttpRequest.is_secure does the ...

15 years, 5 months ago (2011-01-14 14:41:48 UTC) #6

Andi Albrecht

On Fri, Jan 14, 2011 at 3:41 PM, <techtonik@gmail.com> wrote: > On 2011/01/14 12:32:44, Andi ...

15 years, 5 months ago (2011-01-14 15:04:23 UTC) #7

Thanks. Committed in r650. =)

Expand All Messages | Collapse All Messages