Django running ounder PyISAPIe on IIS doesn't detect HTTPS

[KayEss]

The is_secure() function in django.http.Request uses os.environ to detect whether or not the request is HTTPS or not. This doesn't work on Windows because the environment doesn't contain this information.

PyISAPIe makes this information available in META (well, actually it doesn't yet, but that's another bug and patch to file against PyISAPIe).

The Django patch is against django.http.init.py and the PyISAPIe patch is against django.core.handlers.pysiapi.py. We're using Django trunk r8066.

Some ​extra information is available on my blog.

[KayEss]

Django patch

[KayEss]

PyISAPIe patch

[Malcolm Tredinnick]

It's looks like this could be done without adding two extra lines of code: always call lower() on the environment value. The PyISAPIe patch is irrelevant and shouldn't really have been attached here. That's not part of Django (and whoever is distributing it as a third-party handler shouldn't be putting it in the django.core.handlers namespace).

[Malcolm Tredinnick]

Pushing to after 1.0, since this is really a feature addition and depends upon a feature that doesn't even exist yet in the thing we're being asked to accommodate.

[(none)]

Milestone post-1.0 deleted

[afternoon]

I'd like to nudge this bug. I'm using PyISAPIe in production, have experienced the issue and have used KayEss's patch successfully.

[ayaz@…]

Hello everyone:

I'd like to give this a gentle push.

If I may ask, is there any chance this could make it into trunk? This ticket was opened three years ago. I recently deployed multiple Django web applications on IIS7 using PyISAPIe and got bitten by this bug.

Thanks.

[Luke Plant]

I can't see any reason why this needs to be in Django, rather than in your PyASPIe handler (which I have no access to - it's not part of Django and I can't find it). Look at WSGIRequest in django/core/handlers/wsgi.py for an example.