2 __copyright__ = "Copyright (C) 2007, Stephen Zabel"
3 __author__ = "Stephen Zabel - sjzabel@gmail.com"
4 __contributors__ = "Jay Parlar - parlar@gmail.com"
6 from django.conf import settings
7 from django.http import HttpResponsePermanentRedirect
8 from django.contrib.sites.models import get_current_site
13 class SSLRedirect(object):
15 def process_view(self, request, view_func, view_args, view_kwargs):
16 # Does connection require security?
17 if SSL in view_kwargs:
18 secure = view_kwargs[SSL]
23 if request.user.is_authenticated():
26 # If connection is not secured but requires security, then redirect
27 if not self._is_secure(request) and secure:
28 return self._redirect(request, secure)
30 def _is_secure(self, request):
31 if request.is_secure():
34 #Handle the Webfaction case until this gets resolved in the request.is_secure()
35 if 'HTTP_X_FORWARDED_SSL' in request.META:
36 return request.META['HTTP_X_FORWARDED_SSL'] == 'on'
40 def _redirect(self, request, secure):
41 protocol = secure and "https://" or "http://"
42 newurl = "%s%s%s" % (protocol, get_current_site(request).domain, request.get_full_path())
43 if settings.DEBUG and request.method == 'POST':
45 """Django can't perform a SSL redirect while maintaining POST data.
46 Please structure your views so that redirects only occur during GETs."""
48 return HttpResponsePermanentRedirect(newurl)