Commits

Robert Brewer committed 300a3cf

Fix for #782 (X-Forwarded-Ssl).

  • Participants
  • Parent commits b09e904

Comments (0)

Files changed (2)

File cherrypy/lib/cptools.py

     request = cherrypy.request
     
     if scheme:
-        scheme = request.headers.get(scheme, None)
+        s = request.headers.get(scheme, None)
+        if s == 'on' and 'ssl' in scheme.lower():
+            # This handles e.g. webfaction's 'X-Forwarded-Ssl: on' header
+            scheme = 'https'
+        else:
+            # This is for lighttpd/pound/Mongrel's 'X-Forwarded-Proto: https'
+            scheme = s
     if not scheme:
         scheme = request.base[:request.base.find("://")]
     

File cherrypy/test/test_proxy.py

             return cherrypy.request.base
         base.exposed = True
         
+        def ssl(self):
+            return cherrypy.request.base
+        ssl.exposed = True
+        ssl._cp_config = {'tools.proxy.scheme': 'X-Forwarded-Ssl'}
+        
         def newurl(self):
             return ("Browse to <a href='%s'>this page</a>."
                     % cherrypy.url("/this/new/page"))
         self.getPage("/base", headers=[('X-Forwarded-Proto', 'https')])
         self.assertBody("https://www.mydomain.test")
         
+        # Test X-Forwarded-Ssl (webfaction?)
+        self.getPage("/ssl", headers=[('X-Forwarded-Ssl', 'on')])
+        self.assertBody("https://www.mydomain.test")
+        
         # Test cherrypy.url()
         for sn in script_names:
             # Test the value inside requests