[mod_python] Distinguish http from https?

Glenn Hochberg gah at research.att.com
Tue Apr 25 15:50:44 EDT 2006

On Apr 25, 2006, at 12:49 PM, Deron Meranda wrote:

> On 4/25/06, Glenn Hochberg <gah at research.att.com> wrote:
>> One (admittedly somewhat klugey) solution is to add:
>>         PythonOption ssl on
>> to your ssl VirtualHost container (i.e. typically in ssl.conf), and
>> then test for this option in your mod_python code, e.g.:
>>      url = 'http://'
>>      if req.get_options().has_key('ssl'):  url = 'https://'
>> This is what I've been using for some time, but it's great to know
>> that something less config-intrusive will be available in future.
> I think you probably meant to put a == 'on' in the if test,
> otherwise somebody may be tempted to change the config to
> read "off", thinking it would toggle your behavior.
> Just to be clear though, that is not a good test for security, which
> is what I think the original poster was after--to determine whether or
> not the current HTTP connection was tunneled through TLS or SSL.
> You can of course use the Apache SSLRequireSSL directive
> in your VirtualHost section to enforce SSL only, in which case
> then in combination with your PythonOption, it will work as a
> quick solution.
> --

To clarify, we have separate VirtualHost's set up for ssl vs. non-ssl  
-- the ssl-vhost is used for port 443, and the non-ssl-vhost for port  
80.  The ssl-vhost does indeed have SSLRequireSSL set as well.

I agree that this is only a "quick solution"--the ability to find out  
directly whether or not TLS/SSL is in use for the connection would  
certainly be preferable.


More information about the Mod_python mailing list