我想将所有请求重定向http
到https
.
是否有一个通用的方法来设置wsgi.url_scheme
,以https
在Python 2.7瓶的应用程序?
该应用程序的一般结构是:
setup.py // contains 'install_requires' wsgi - myapplication.py // the custom application containing bottle routes
wsgi.url_scheme
似乎与环境变量有关:
http://wsgi.readthedocs.org/en/latest/definitions.html#envvar-wsgi.url_scheme
但我不确定如何实际"设置"环境变量https
以及是否可以在setup.py
或myapplication.py
文件中完成.
这里有一段代码:
https://github.com/defnull/bottle/issues/347
def i_am_https_dammit(app): def https_app(environ, start_response): environ['wsgi.url_scheme'] = 'https' return app(environ, start_response) return https_app
但是我不知道如何实现这个要点,因为我对应用程序的调用是来自软木塞而且只是使用:
application=default_app() session_opts = { 'session.cookie_expires': True, 'session.encrypt_key': 'please use a random key and keep it secret!', 'session.httponly': True, 'session.timeout': 3600 * 24, # 1 day 'session.type': 'cookie', 'session.validate_key': True, } application = SessionMiddleware(application, session_opts)
ron rothman.. 7
如果我不理解您的问题,请原谅我,但为什么不为您的Bottle应用程序安装一个简单的重定向插件?像这样的东西:
import bottle app = bottle.app() def redirect_http_to_https(callback): '''Bottle plugin that redirects all http requests to https''' def wrapper(*args, **kwargs): scheme = bottle.request.urlparts[0] if scheme == 'http': # request is http; redirect to https bottle.redirect(bottle.request.url.replace('http', 'https', 1)) else: # request is already https; okay to proceed return callback(*args, **kwargs) return wrapper bottle.install(redirect_http_to_https) @bottle.route('/hello') def hello(): return 'hello\n' bottle.run(host='127.0.0.1', port=8080)
用卷曲测试:
% 05:57:03 !3000 ~>curl -v 'http://127.0.0.1:8080/hello' * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0) > GET /hello HTTP/1.1 > User-Agent: curl/7.30.0 > Host: 127.0.0.1:8080 > Accept: */* > * HTTP 1.0, assume close after body < HTTP/1.0 303 See Other < Date: Sun, 01 Dec 2013 10:57:16 GMT < Server: WSGIServer/0.1 Python/2.7.5 < Content-Length: 0 < Location: https://127.0.0.1:8080/hello < Content-Type: text/html; charset=UTF-8
有关插件如何工作的详细信息,请参阅Bottle文档.
简而言之,该插件通过拦截所有请求和检查协议("方案")来工作.如果方案是"http",则插件指示Bottle将HTTP重定向返回到相应的安全(https)URL.
如果我不理解您的问题,请原谅我,但为什么不为您的Bottle应用程序安装一个简单的重定向插件?像这样的东西:
import bottle app = bottle.app() def redirect_http_to_https(callback): '''Bottle plugin that redirects all http requests to https''' def wrapper(*args, **kwargs): scheme = bottle.request.urlparts[0] if scheme == 'http': # request is http; redirect to https bottle.redirect(bottle.request.url.replace('http', 'https', 1)) else: # request is already https; okay to proceed return callback(*args, **kwargs) return wrapper bottle.install(redirect_http_to_https) @bottle.route('/hello') def hello(): return 'hello\n' bottle.run(host='127.0.0.1', port=8080)
用卷曲测试:
% 05:57:03 !3000 ~>curl -v 'http://127.0.0.1:8080/hello' * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0) > GET /hello HTTP/1.1 > User-Agent: curl/7.30.0 > Host: 127.0.0.1:8080 > Accept: */* > * HTTP 1.0, assume close after body < HTTP/1.0 303 See Other < Date: Sun, 01 Dec 2013 10:57:16 GMT < Server: WSGIServer/0.1 Python/2.7.5 < Content-Length: 0 < Location: https://127.0.0.1:8080/hello < Content-Type: text/html; charset=UTF-8
有关插件如何工作的详细信息,请参阅Bottle文档.
简而言之,该插件通过拦截所有请求和检查协议("方案")来工作.如果方案是"http",则插件指示Bottle将HTTP重定向返回到相应的安全(https)URL.