Code

Opened 6 years ago

Closed 3 years ago

#8281 closed New feature (wontfix)

Django running ounder PyISAPIe on IIS doesn't detect HTTPS

Reported by: KayEss Owned by: nobody
Component: HTTP handling Version: 1.0-alpha
Severity: Normal Keywords: PyISAPIe HTTPS
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: yes
Easy pickings: no UI/UX:

Description

The is_secure() function in django.http.Request uses os.environ to detect whether or not the request is HTTPS or not. This doesn't work on Windows because the environment doesn't contain this information.

PyISAPIe makes this information available in META (well, actually it doesn't yet, but that's another bug and patch to file against PyISAPIe).

The Django patch is against django.http.init.py and the PyISAPIe patch is against django.core.handlers.pysiapi.py. We're using Django trunk r8066.

Some extra information is available on my blog.

Attachments (2)

django.patch (524 bytes) - added by KayEss 6 years ago.
Django patch
pyisapie.patch (931 bytes) - added by KayEss 6 years ago.
PyISAPIe patch

Download all attachments as: .zip

Change History (9)

Changed 6 years ago by KayEss

Django patch

Changed 6 years ago by KayEss

PyISAPIe patch

comment:1 Changed 6 years ago by mtredinnick

  • milestone set to 1.0
  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement set
  • Triage Stage changed from Unreviewed to Accepted

It's looks like this could be done without adding two extra lines of code: always call lower() on the environment value. The PyISAPIe patch is irrelevant and shouldn't really have been attached here. That's not part of Django (and whoever is distributing it as a third-party handler shouldn't be putting it in the django.core.handlers namespace).

comment:2 Changed 6 years ago by mtredinnick

  • milestone changed from 1.0 to post-1.0

Pushing to after 1.0, since this is really a feature addition and depends upon a feature that doesn't even exist yet in the thing we're being asked to accommodate.

comment:3 Changed 5 years ago by anonymous

  • milestone post-1.0 deleted

Milestone post-1.0 deleted

comment:4 Changed 4 years ago by afternoon

I'd like to nudge this bug. I'm using PyISAPIe in production, have experienced the issue and have used KayEss's patch successfully.

comment:5 Changed 3 years ago by lukeplant

  • Severity set to Normal
  • Type set to New feature

comment:6 Changed 3 years ago by ayaz@…

  • Easy pickings unset

Hello everyone:

I'd like to give this a gentle push.

If I may ask, is there any chance this could make it into trunk? This ticket was opened three years ago. I recently deployed multiple Django web applications on IIS7 using PyISAPIe and got bitten by this bug.

Thanks.

comment:7 Changed 3 years ago by lukeplant

  • Resolution set to wontfix
  • Status changed from new to closed

I can't see any reason why this needs to be in Django, rather than in your PyASPIe handler (which I have no access to - it's not part of Django and I can't find it). Look at WSGIRequest in django/core/handlers/wsgi.py for an example.

Add Comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
as The resolution will be set. Next status will be 'closed'
The resolution will be deleted. Next status will be 'new'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.