Why URL(..., scheme=True, ...) is implemented differently than request.is_https?
82 views
Skip to first unread message
Ray (a.k.a. Iceberg)
Jul 16, 2019, 4:31:06 AM7/16/19
to web2py-users
Hi there,
I tend to use
in my apps to generate an absolute URL, as documented here.
However, one of my app which has been deployed behind Apache wsgi with https, I noticed that the generated absolute URLs still use non-secure "http://...".
It is said that there can be some special situation that the wsgi setting would be inaccurate. However my question here for web2py is, why URL(..., scheme=True, ...) is implemented to depend on wsgi_url_scheme ONLY, while the is_https is more sophisticated? And, why does URL(..., scheme=True, ...) NOT depend on the more sophisticated is_https instead?
Regards,
Ray
I tend to use
URL(..., scheme=True, ...)in my apps to generate an absolute URL, as documented here.
However, one of my app which has been deployed behind Apache wsgi with https, I noticed that the generated absolute URLs still use non-secure "http://...".
It is said that there can be some special situation that the wsgi setting would be inaccurate. However my question here for web2py is, why URL(..., scheme=True, ...) is implemented to depend on wsgi_url_scheme ONLY, while the is_https is more sophisticated? And, why does URL(..., scheme=True, ...) NOT depend on the more sophisticated is_https instead?
Regards,
Ray
Paco Bernal
Jul 16, 2019, 5:18:45 PM7/16/19
to web2py-users
You can always redirect apache from http to https
Ray (a.k.a. Iceberg)
Jul 17, 2019, 3:45:24 AM7/17/19
to web2py-users
The problem is NOT about how to setup apache to redirect http to https. I am already doing that. But, in fact, it was such a redirection, combining with the unfortunate fact that web2py's URL(..., scheme=True) still generating "http://..." links, causing my RESTful API to malfunction. Who would know an http PUT request would lost its http body after a redirection? Nonetheless, in my previous post, I already narrowed down to the root cause, and asked: why URL(..., scheme=True) is currently implemented as detecting wsgi_url_scheme env var, rather than simply relying on the more sophisicated request.is_https?
Regards,
Ray
Regards,
Ray
Dave S
Jul 17, 2019, 1:11:21 PM7/17/19
to web2py-users
On Wednesday, July 17, 2019 at 12:45:24 AM UTC-7, Ray (a.k.a. Iceberg) wrote:
The problem is NOT about how to setup apache to redirect http to https. I am already doing that. But, in fact, it was such a redirection, combining with the unfortunate fact that web2py's URL(..., scheme=True) still generating "http://..." links, causing my RESTful API to malfunction. Who would know an http PUT request would lost its http body after a redirection? Nonetheless, in my previous post, I already narrowed down to the root cause, and asked: why URL(..., scheme=True) is currently implemented as detecting wsgi_url_scheme env var, rather than simply relying on the more sophisicated request.is_https?
Regards,
Ray
I suggest filing a bug report on Github.
/dps
Anthony
Jul 17, 2019, 5:44:53 PM7/17/19
to web2py-users
Feel free to submit a pull request. Or just set scheme='https' if you know it is HTTPS.
Anthony
Ray (a.k.a. Iceberg)
Jul 23, 2019, 3:22:12 AM7/23/19
to web2py-users
Thanks Anthony for the suggestion! I created a PR just now. https://github.com/web2py/web2py/pull/2233
Was wondering which place would be easier to draw the maintainers' attention, an issue/PR on github.com/web2py/web2py or a new post in this group/forum. :-)
Regards,
Ray
Was wondering which place would be easier to draw the maintainers' attention, an issue/PR on github.com/web2py/web2py or a new post in this group/forum. :-)
Regards,
Ray
Paco Bernal
Jul 25, 2019, 5:07:56 PM7/25/19
to web2py-users
That's totally right. I'm terrible sorry about my answer, I was crazy the last four weeks at work, sorry, quick and bad help, no help at all, my fault.
Reply all
Reply to author
Forward
0 new messages