Deron Meranda
deron.meranda at gmail.com
Tue Apr 25 12:49:40 EDT 2006
On 4/25/06, Glenn Hochberg <gah at research.att.com> wrote: > One (admittedly somewhat klugey) solution is to add: > PythonOption ssl on > to your ssl VirtualHost container (i.e. typically in ssl.conf), and > then test for this option in your mod_python code, e.g.: > > url = 'http://' > if req.get_options().has_key('ssl'): url = 'https://' > > This is what I've been using for some time, but it's great to know > that something less config-intrusive will be available in future. I think you probably meant to put a == 'on' in the if test, otherwise somebody may be tempted to change the config to read "off", thinking it would toggle your behavior. Just to be clear though, that is not a good test for security, which is what I think the original poster was after--to determine whether or not the current HTTP connection was tunneled through TLS or SSL. You can of course use the Apache SSLRequireSSL directive in your VirtualHost section to enforce SSL only, in which case then in combination with your PythonOption, it will work as a quick solution. -- Deron Meranda
|