From b2e8c0fd97005a5e3e2be319a639ab87dab11863 Mon Sep 17 00:00:00 2001 From: Marcin Kuzminski Date: Sat, 27 Apr 2013 01:47:56 +0200 Subject: fix broken handling of adding an htsts. Modifing response/request was having trouble in some redirect cases --HG-- extra : source : 4ed55c851d1cf6d564b7213ac6dc3a28a3a51f14 --- rhodecode/lib/middleware/https_fixup.py | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/rhodecode/lib/middleware/https_fixup.py b/rhodecode/lib/middleware/https_fixup.py index 49e99d0d..3418c051 100644 --- a/rhodecode/lib/middleware/https_fixup.py +++ b/rhodecode/lib/middleware/https_fixup.py @@ -23,7 +23,6 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . -from pylons.controllers.util import Request from rhodecode.lib.utils2 import str2bool @@ -36,15 +35,15 @@ class HttpsFixup(object): def __call__(self, environ, start_response): self.__fixup(environ) debug = str2bool(self.config.get('debug')) - if str2bool(self.config.get('use_htsts')) and not debug: - req = Request(environ, self.application) - resp = req.get_response(self.application) - if environ['wsgi.url_scheme'] == 'https': - resp.headers['Strict-Transport-Security'] = \ - 'max-age=8640000; includeSubDomains' - return resp(environ, start_response) + is_ssl = environ['wsgi.url_scheme'] == 'https' - return self.application(environ, start_response) + def custom_start_response(status, headers, exc_info=None): + if is_ssl and str2bool(self.config.get('use_htsts')) and not debug: + headers.append(('Strict-Transport-Security', + 'max-age=8640000; includeSubDomains')) + return start_response(status, headers, exc_info) + + return self.application(environ, custom_start_response) def __fixup(self, environ): """ -- cgit v1.2.3