From e0914e1f9a69b2bd83a54cf1d63d95964ea0fcf3 Mon Sep 17 00:00:00 2001 From: Charles Connell Date: Fri, 7 Feb 2014 16:47:08 -0500 Subject: [PATCH] Remove SSLRedirect #319 --- karmaworld/settings/prod.py | 8 ------ karmaworld/utils/SSLRedirect.py | 49 --------------------------------- 2 files changed, 57 deletions(-) delete mode 100644 karmaworld/utils/SSLRedirect.py diff --git a/karmaworld/settings/prod.py b/karmaworld/settings/prod.py index c10baa7..cc800b7 100644 --- a/karmaworld/settings/prod.py +++ b/karmaworld/settings/prod.py @@ -145,14 +145,6 @@ STATIC_URL = S3_URL SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') ########## END SSL FORWARDING CONFIGURATION -########## MIDDLEWARE CONFIGURATION -# See: https://docs.djangoproject.com/en/dev/ref/settings/#middleware-classes -MIDDLEWARE_CLASSES += ( - # Use SSL when user is authenticated - 'karmaworld.utils.SSLRedirect.SSLRedirect', -) -########## END MIDDLEWARE CONFIGURATION - ########## COMPRESSION CONFIGURATION # See: http://django_compressor.readthedocs.org/en/latest/settings/#django.conf.settings.COMPRESS_OFFLINE COMPRESS_OFFLINE = True diff --git a/karmaworld/utils/SSLRedirect.py b/karmaworld/utils/SSLRedirect.py deleted file mode 100644 index 0a4a5df..0000000 --- a/karmaworld/utils/SSLRedirect.py +++ /dev/null @@ -1,49 +0,0 @@ -__license__ = "Python" -__copyright__ = "Copyright (C) 2007, Stephen Zabel" -__author__ = "Stephen Zabel - sjzabel@gmail.com" -__contributors__ = "Jay Parlar - parlar@gmail.com" - -from django.conf import settings -from django.http import HttpResponsePermanentRedirect -from django.contrib.sites.models import get_current_site - -SSL = 'SSL' - - -class SSLRedirect(object): - - def process_view(self, request, view_func, view_args, view_kwargs): - # Does connection require security? - if SSL in view_kwargs: - secure = view_kwargs[SSL] - del view_kwargs[SSL] - else: - secure = False - - if request.user.is_authenticated(): - secure = True - - # If connection is not secured but requires security, then redirect - if not self._is_secure(request) and secure: - return self._redirect(request, secure) - - def _is_secure(self, request): - if request.is_secure(): - return True - - #Handle the Webfaction case until this gets resolved in the request.is_secure() - if 'HTTP_X_FORWARDED_SSL' in request.META: - return request.META['HTTP_X_FORWARDED_SSL'] == 'on' - - return False - - def _redirect(self, request, secure): - protocol = secure and "https://" or "http://" - newurl = "%s%s%s" % (protocol, get_current_site(request).domain, request.get_full_path()) - if settings.DEBUG and request.method == 'POST': - raise RuntimeError, \ - """Django can't perform a SSL redirect while maintaining POST data. - Please structure your views so that redirects only occur during GETs.""" - - return HttpResponsePermanentRedirect(newurl) - -- 2.25.1