If the user is using https, leave https mode on unless specified

Anonymous avatarAnonymous created an issue

On my shop, I want to keep the ssl mode on when the user is logged in without having to specify SSL:True on each page.

I used the following patch:

--- satchmo-0.8.1.orig/satchmo/shop/SSLMiddleware.py
+++ satchmo-0.8.1/satchmo/shop/SSLMiddleware.py
@@ -64,7 +64,7 @@
             secure = False

-        if not secure == request_is_secure(request)
+        if not request_is_secure(request) and secure:
             return self._redirect(request, secure)

     def _redirect(self, request, secure):

On the login page, I set SSL:True and on the logout page SSL:False, so when the user is logged, his connection is secured and when he logs out, he is redirected to the normal http mode.

Reported by mbouchar

Comments (0)

  1. Log in to comment
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.