Commits

Anonymous committed f5b712e

initial commit

Comments (0)

Files changed (9)

+# use glob syntax.
+syntax: glob
+
+*.pyc
+*.swp
+*.orig
+*.DS_Store
+*.log
+*.cache
+.svn*
+.git*
+Thumbs.db
+Copyright (c) 2012 Jason Christa and contributors
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+    1. Redistributions of source code must retain the above copyright notice,
+       this list of conditions and the following disclaimer.
+
+    2. Redistributions in binary form must reproduce the above copyright
+       notice, this list of conditions and the following disclaimer in the
+       documentation and/or other materials provided with the distribution.
+
+    3. Neither the name of this project nor the names of its contributors may
+       be used to endorse or promote products derived from this software without
+       specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Empty file added.

+django>=1.2
+import os
+try:
+    from setuptools import setup, find_packages
+except ImportError:
+    from distutils.core import setup, find_packages
+
+
+def read_file(filename):
+    """Read a file into a string"""
+    path = os.path.abspath(os.path.dirname(__file__))
+    filepath = os.path.join(path, filename)
+    try:
+        return open(filepath).read()
+    except IOError:
+        return ''
+
+
+def get_readme():
+    """Return the README file contents. Supports text,rst, and markdown"""
+    for name in ('README', 'README.rst', 'README.md'):
+        if os.path.exists(name):
+            return read_file(name)
+    return ''
+
+setup(
+    name = 'Django SSL Redirect',
+    version = __import__('ssl_redirect').get_version().replace(' ', '-'),
+    url = 'https://bitbucket.org/nextscreenlabs/django-ssl-redirect',
+    author = 'Jason Christa',
+    author_email = 'jason@zeitcode.com',
+    description = 'A middleware that secures URLS.',
+    long_description = get_readme(),
+    packages = find_packages(exclude=['tests']),
+    include_package_data = True,
+    install_requires = read_file('requirements.txt'),
+    classifiers = [
+        'Environment :: Web Environment',
+        'License :: OSI Approved :: BSD Liscense',
+        'Framework :: Django',
+        'Programming Language :: Python',
+    ],
+)

ssl_redirect/__init__.py

+__version_info__ = {
+    'major': 0,
+    'minor': 1,
+    'micro': 0,
+    'releaselevel': 'alpha',
+    'serial': 1
+}
+
+def get_version(short=False):
+    assert __version_info__['releaselevel'] in ('alpha', 'beta', 'final')
+    vers = ["%(major)i.%(minor)i" % __version_info__, ]
+    if __version_info__['micro']:
+        vers.append(".%(micro)i" % __version_info__)
+    if __version_info__['releaselevel'] != 'final' and not short:
+        vers.append('%s%i' % (__version_info__['releaselevel'][0], __version_info__['serial']))
+    return ''.join(vers)
+
+__version__ = get_version()

ssl_redirect/middleware.py

+from django.conf import settings
+from django.http import HttpResponseRedirect, get_host
+
+
+USE_SSL = getattr(settings, 'USE_SSL', True)
+HTTPS_PATHS = getattr(settings, 'HTTPS_PATHS', [])
+SSL = 'SSL'
+SSLPORT = getattr(settings, 'SSL_PORT', None)
+
+
+class SSLRedirectMiddleware:
+    """
+    This middleware answers the problem of redirecting to (and from) a SSL secured path
+    by stating what paths should be secured in urls.py file. To secure a path, add the
+    additional view_kwarg 'SSL':True to the view_kwargs.
+
+    For example
+
+    urlpatterns = patterns('some_site.some_app.views',
+        (r'^test/secure/$','test_secure',{'SSL':True}),
+         )
+
+    All paths where 'SSL':False or where the kwarg of 'SSL' is not specified are routed
+    to an unsecure path.
+
+    For example
+
+    urlpatterns = patterns('some_site.some_app.views',
+        (r'^test/unsecure1/$','test_unsecure',{'SSL':False}),
+        (r'^test/unsecure2/$','test_unsecure'),
+         )
+
+    Gotcha's : Redirects should only occur during GETs; this is due to the fact that
+    POST data will get lost in the redirect.
+    """
+
+    def process_view(self, request, view_func, view_args, view_kwargs):
+        if SSL in view_kwargs:
+            secure = view_kwargs[SSL]
+            del view_kwargs[SSL]
+        else:
+            secure = False
+
+        if not USE_SSL:
+            return
+
+        if not secure:
+            for path in HTTPS_PATHS:
+                if request.path.startswith("/%s" % path):
+                    secure = True
+                    break
+
+        if not secure == self._request_is_secure(request):
+            return self._redirect(request, secure)
+
+    def _request_is_secure(self, request):
+        if request.is_secure():
+            return True
+
+        # Handle forwarded SSL (used at Webfaction)
+        if 'HTTP_X_FORWARDED_SSL' in request.META:
+            return request.META['HTTP_X_FORWARDED_SSL'] == 'on'
+
+        # Handle an additional case of proxying SSL requests. This is useful for Media Temple's
+        # Django container
+        if 'HTTP_X_FORWARDED_HOST' in request.META and request.META['HTTP_X_FORWARDED_HOST'].endswith('443'):
+            return True
+
+        return False
+
+    def _redirect(self, request, secure):
+        if settings.DEBUG and request.method == 'POST':
+            raise RuntimeError(
+"""Django can't perform a SSL redirect while maintaining POST data.
+Please structure your views so that redirects only occur during GETs.""")
+
+        protocol = secure and "https" or "http"
+        host = "%s://%s" % (protocol, get_host(request))
+        # In certain proxying situations, we need to strip out the 443 port
+        # in order to prevent inifinite redirects
+        if not secure:
+            host = host.replace(':443', '')
+        if secure and SSLPORT:
+            host = "%s:%s" % (host, SSLPORT)
+
+        newurl = "%s%s" % (host, request.get_full_path())
+
+        return HttpResponseRedirect(newurl)

Empty file added.

Empty file added.

Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.