RewriteRule ^/im(.*) https://%{HTTP_HOST}%{REQUEST_URI} [NE]
RewriteRule ^/login(.*) https://%{HTTP_HOST}%{REQUEST_URI} [NE]
+ RequestHeader set X-Forwarded-Protocol "http"
+
WSGIScriptAlias /api /pithos/pithos/wsgi/pithos.wsgi
# WSGIDaemonProcess pithos
# WSGIProcessGroup pithos
RewriteRule ^/im(.*) /api/im$1 [PT,NE]
RewriteRule ^/login(.*) /api/im/login/dummy$1 [PT,NE]
+ RequestHeader set X-Forwarded-Protocol "https"
+
WSGIScriptAlias /api /pithos/pithos/wsgi/pithos.wsgi
# WSGIDaemonProcess pithos
# WSGIProcessGroup pithos
--- /dev/null
+# Copyright 2011 GRNET S.A. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or
+# without modification, are permitted provided that the following
+# conditions are met:
+#
+# 1. Redistributions of source code must retain the above
+# copyright notice, this list of conditions and the following
+# disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials
+# provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
+# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+#
+# The views and conclusions contained in the software and
+# documentation are those of the authors and should not be
+# interpreted as representing official policies, either expressed
+# or implied, of GRNET S.A.
+
+class SecureMiddleware(object):
+ def process_request(self, request):
+ if 'HTTP_X_FORWARDED_PROTOCOL' in request.META:
+ request.is_secure = lambda: request.META['HTTP_X_FORWARDED_PROTOCOL'] == 'https'
projects / pithos / commitdiff