Drop support for https-url in all-in-one.conf
This feature allowing an instance to have both anonymous and authenticated
(https) url is not used anymore, let's drop it.
--- a/cubicweb/devtools/fake.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/devtools/fake.py Mon Jan 23 11:02:21 2017 +0100
@@ -34,7 +34,6 @@
class FakeConfig(dict, BaseApptestConfiguration):
translations = {}
uiprops = {}
- https_uiprops = {}
apphome = None
debugmode = False
def __init__(self, appid='data', apphome=None, cubes=()):
@@ -46,7 +45,6 @@
self['base-url'] = BASE_URL
self['rql-cache-size'] = 3000
self.datadir_url = BASE_URL + 'data/'
- self.https_datadir_url = (BASE_URL + 'data/').replace('http://', 'https://')
def cubes(self, expand=False):
return self._cubes
@@ -69,7 +67,6 @@
def __init__(self, *args, **kwargs):
if not (args or 'vreg' in kwargs):
kwargs['vreg'] = FakeCWRegistryStore(FakeConfig(), initlog=False)
- kwargs['https'] = False
self._http_method = kwargs.pop('method', 'GET')
self._url = kwargs.pop('url', None)
if self._url is None:
--- a/cubicweb/etwist/request.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/etwist/request.py Mon Jan 23 11:02:21 2017 +0100
@@ -26,10 +26,10 @@
""" from twisted .req to cubicweb .form
req.files are put into .form[<filefield>]
"""
- def __init__(self, req, vreg, https):
+ def __init__(self, req, vreg):
self._twreq = req
super(CubicWebTwistedRequestAdapter, self).__init__(
- vreg, https, req.args, headers=req.received_headers)
+ vreg, req.args, headers=req.received_headers)
for key, name_stream_list in req.files.items():
for name, stream in name_stream_list:
if name is not None:
--- a/cubicweb/etwist/server.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/etwist/server.py Mon Jan 23 11:02:21 2017 +0100
@@ -57,7 +57,6 @@
# checks done before daemonization (eg versions consistency)
self.appli = CubicWebPublisher(repo, config)
self.base_url = config['base-url']
- self.https_url = config['https-url']
global MAX_POST_LENGTH
MAX_POST_LENGTH = config['max-post-length']
@@ -104,8 +103,6 @@
# reload modified files in debug mode
if self.config.debugmode:
self.config.uiprops.reload_if_needed()
- if self.https_url:
- self.config.https_uiprops.reload_if_needed()
self.appli.vreg.reload_if_needed()
if self.config['profile']: # default profiler don't trace threads
return self.render_request(request)
@@ -130,18 +127,11 @@
def _render_request(self, request):
origpath = request.path
host = request.host
- # dual http/https access handling: expect a rewrite rule to prepend
- # 'https' to the path to detect https access
- https = False
- if origpath.split('/', 2)[1] == 'https':
- origpath = origpath[6:]
- request.uri = request.uri[6:]
- https = True
if self.url_rewriter is not None:
# XXX should occur before authentication?
path = self.url_rewriter.rewrite(host, origpath, request)
request.uri.replace(origpath, path, 1)
- req = CubicWebTwistedRequestAdapter(request, self.appli.vreg, https)
+ req = CubicWebTwistedRequestAdapter(request, self.appli.vreg)
try:
### Try to generate the actual request content
content = self.appli.handle_request(req)
--- a/cubicweb/etwist/service.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/etwist/service.py Mon Jan 23 11:02:21 2017 +0100
@@ -82,8 +82,7 @@
config.debugmode = False
logger.info('starting cubicweb instance %s ', self.instance)
config.info('clear ui caches')
- for cachedir in ('uicache', 'uicachehttps'):
- rm(join(config.appdatahome, cachedir, '*'))
+ rm(join(config.appdatahome, 'uicache', '*'))
root_resource = CubicWebRootResource(config, config.repository())
website = server.Site(root_resource)
# serve it via standard HTTP on port set in the configuration
--- a/cubicweb/pyramid/bwcompat.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/pyramid/bwcompat.py Mon Jan 23 11:02:21 2017 +0100
@@ -53,10 +53,6 @@
CubicWebPublisher.core_handle do
"""
- # XXX The main handler of CW forbid anonymous https connections
- # I guess we can drop this "feature" but in doubt I leave this comment
- # so we don't forget about it. (cdevienne)
-
req = request.cw_request
vreg = request.registry['cubicweb.registry']
@@ -170,10 +166,6 @@
self.cwhandler = registry['cubicweb.handler']
def __call__(self, request):
- if request.path.startswith('/https/'):
- request.environ['PATH_INFO'] = request.environ['PATH_INFO'][6:]
- assert not request.path.startswith('/https/')
- request.scheme = 'https'
try:
response = self.handler(request)
except httpexceptions.HTTPNotFound:
--- a/cubicweb/pyramid/core.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/pyramid/core.py Mon Jan 23 11:02:21 2017 +0100
@@ -126,12 +126,11 @@
self.path = request.upath_info
vreg = request.registry['cubicweb.registry']
- https = request.scheme == 'https'
post = request.params.mixed()
headers_in = request.headers
- super(CubicWebPyramidRequest, self).__init__(vreg, https, post,
+ super(CubicWebPyramidRequest, self).__init__(vreg, post,
headers=headers_in)
self.content = request.body_file_seekable
@@ -157,9 +156,6 @@
else:
self.form[param] = val
- def is_secure(self):
- return self._request.scheme == 'https'
-
def relative_path(self, includeparams=True):
path = self._request.path[1:]
if includeparams and self._request.query_string:
--- a/cubicweb/pyramid/test/__init__.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/pyramid/test/__init__.py Mon Jan 23 11:02:21 2017 +0100
@@ -11,10 +11,7 @@
@classmethod
def init_config(cls, config):
super(PyramidCWTest, cls).init_config(config)
- config.global_set_option('https-url', 'https://localhost.local/')
config.global_set_option('anonymous-user', 'anon')
- config.https_uiprops = None
- config.https_datadir_url = None
def setUp(self):
# Skip CubicWebTestTC setUp
--- a/cubicweb/pyramid/test/test_bw_request.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/pyramid/test/test_bw_request.py Mon Jan 23 11:02:21 2017 +0100
@@ -33,24 +33,6 @@
self.assertEqual(b'some content', req.content.read())
- def test_http_scheme(self):
- req = CubicWebPyramidRequest(
- self.make_request('/', {
- 'wsgi.url_scheme': 'http'}))
-
- self.assertFalse(req.https)
-
- def test_https_scheme(self):
- req = CubicWebPyramidRequest(
- self.make_request('/', {
- 'wsgi.url_scheme': 'https'}))
-
- self.assertTrue(req.https)
-
- def test_https_prefix(self):
- r = self.webapp.get('/https/')
- self.assertIn('https://', r.text)
-
def test_big_content(self):
content = b'x' * 100001
--- a/cubicweb/req.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/req.py Mon Jan 23 11:02:21 2017 +0100
@@ -278,9 +278,6 @@
parameters. Values are automatically URL quoted, and the
publishing method to use may be specified or will be guessed.
- if ``__secure__`` argument is True, the request will try to build a
- https url.
-
raises :exc:`ValueError` if None is found in arguments
"""
# use *args since we don't want first argument to be "anonymous" to
@@ -295,8 +292,10 @@
# not try to process it and directly call req.build_url()
base_url = kwargs.pop('base_url', None)
if base_url is None:
- secure = kwargs.pop('__secure__', None)
- base_url = self.base_url(secure=secure)
+ if kwargs.pop('__secure__', None) is not None:
+ warn('[3.25] __secure__ argument is deprecated',
+ DeprecationWarning, stacklevel=2)
+ base_url = self.base_url()
path = self.build_url_path(method, kwargs)
if not kwargs:
return u'%s%s' % (base_url, path)
@@ -502,13 +501,12 @@
raise ValueError(self._('can\'t parse %(value)r (expected %(format)s)')
% {'value': value, 'format': format})
- def _base_url(self, secure=None):
- if secure:
- return self.vreg.config.get('https-url') or self.vreg.config['base-url']
- return self.vreg.config['base-url']
-
- def base_url(self, secure=None):
- """return the root url of the instance
- """
- url = self._base_url(secure=secure)
+ def base_url(self, **kwargs):
+ """Return the root url of the instance."""
+ secure = kwargs.pop('secure', None)
+ if secure is not None:
+ warn('[3.25] secure argument is deprecated', DeprecationWarning, stacklevel=2)
+ if kwargs:
+ raise TypeError('base_url got unexpected keyword arguments %s' % ', '.join(kwargs))
+ url = self.vreg.config['base-url']
return url if url is None else url.rstrip('/') + '/'
--- a/cubicweb/sobjects/notification.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/sobjects/notification.py Mon Jan 23 11:02:21 2017 +0100
@@ -187,7 +187,7 @@
kwargs.update({'user': self.user_data['login'],
'eid': entity.eid,
'etype': entity.dc_type(),
- 'url': entity.absolute_url(__secure__=True),
+ 'url': entity.absolute_url(),
'title': entity.dc_long_title(),})
return kwargs
--- a/cubicweb/test/unittest_req.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/test/unittest_req.py Mon Jan 23 11:02:21 2017 +0100
@@ -37,7 +37,7 @@
req = RequestSessionBase(None)
req.from_controller = lambda: 'view'
req.relative_path = lambda includeparams=True: None
- req.base_url = lambda secure=None: 'http://testing.fr/cubicweb/'
+ req.base_url = lambda: 'http://testing.fr/cubicweb/'
self.assertEqual(req.build_url(), u'http://testing.fr/cubicweb/view')
self.assertEqual(req.build_url(None), u'http://testing.fr/cubicweb/view')
self.assertEqual(req.build_url('one'), u'http://testing.fr/cubicweb/one')
@@ -61,11 +61,15 @@
base_url = self.config['base-url']
with self.admin_access.repo_cnx() as session:
self.assertEqual(session.base_url(), base_url)
- assert 'https-url' not in self.config
- self.assertEqual(session.base_url(secure=True), base_url)
- secure_base_url = base_url.replace('http', 'https')
- self.config.global_set_option('https-url', secure_base_url)
- self.assertEqual(session.base_url(secure=True), secure_base_url)
+
+ def test_secure_deprecated(self):
+ with self.admin_access.cnx() as cnx:
+ with self.assertWarns(DeprecationWarning):
+ cnx.base_url(secure=True)
+ with self.assertRaises(TypeError):
+ cnx.base_url(thing=42)
+ with self.assertWarns(DeprecationWarning):
+ cnx.build_url('ah', __secure__='whatever')
def test_view_catch_ex(self):
with self.admin_access.web_request() as req:
--- a/cubicweb/test/unittest_rset.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/test/unittest_rset.py Mon Jan 23 11:02:21 2017 +0100
@@ -119,17 +119,6 @@
# '%stask/title/go' % baseurl)
# empty _restpath should not crash
self.compare_urls(req.build_url('view', _restpath=''), baseurl)
- self.assertNotIn('https', req.build_url('view', vid='foo', rql='yo',
- __secure__=True))
- try:
- self.config.global_set_option('https-url', 'https://testing.fr/')
- self.assertTrue('https', req.build_url('view', vid='foo', rql='yo',
- __secure__=True))
- self.compare_urls(req.build_url('view', vid='foo', rql='yo',
- __secure__=True),
- '%sview?vid=foo&rql=yo' % req.base_url(secure=True))
- finally:
- self.config.global_set_option('https-url', None)
def test_build(self):
--- a/cubicweb/web/application.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/web/application.py Mon Jan 23 11:02:21 2017 +0100
@@ -125,8 +125,6 @@
"""return a string giving the name of the cookie used to store the
session identifier.
"""
- if req.https:
- return '__%s_https_session' % self.vreg.config.appid
return '__%s_session' % self.vreg.config.appid
def get_session(self, req):
@@ -158,7 +156,7 @@
def open_session(self, req):
session = self.session_manager.open_session(req)
sessioncookie = self.session_cookie(req)
- secure = req.https and req.base_url().startswith('https://')
+ secure = req.base_url().startswith('https://')
req.set_cookie(sessioncookie, session.sessionid,
maxage=None, secure=secure, httponly=True)
if not session.anonymous_session:
@@ -334,27 +332,20 @@
content = self.redirect_handler(req, ex)
# Wrong, absent or Reseted credential
except AuthenticationError:
- # If there is an https url configured and
- # the request does not use https, redirect to login form
- https_url = self.vreg.config['https-url']
- if https_url and req.base_url() != https_url:
- req.status_out = http_client.SEE_OTHER
- req.headers_out.setHeader('location', https_url + 'login')
+ # We assume here that in http auth mode the user *May* provide
+ # Authentification Credential if asked kindly.
+ if self.vreg.config['auth-mode'] == 'http':
+ req.status_out = http_client.UNAUTHORIZED
+ # In the other case (coky auth) we assume that there is no way
+ # for the user to provide them...
+ # XXX But WHY ?
else:
- # We assume here that in http auth mode the user *May* provide
- # Authentification Credential if asked kindly.
- if self.vreg.config['auth-mode'] == 'http':
- req.status_out = http_client.UNAUTHORIZED
- # In the other case (coky auth) we assume that there is no way
- # for the user to provide them...
- # XXX But WHY ?
- else:
- req.status_out = http_client.FORBIDDEN
- # If previous error handling already generated a custom content
- # do not overwrite it. This is used by LogOut Except
- # XXX ensure we don't actually serve content
- if not content:
- content = self.need_login_content(req)
+ req.status_out = http_client.FORBIDDEN
+ # If previous error handling already generated a custom content
+ # do not overwrite it. This is used by LogOut Except
+ # XXX ensure we don't actually serve content
+ if not content:
+ content = self.need_login_content(req)
assert isinstance(content, binary_type)
return content
--- a/cubicweb/web/request.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/web/request.py Mon Jan 23 11:02:21 2017 +0100
@@ -105,28 +105,19 @@
"""
ajax_request = False # to be set to True by ajax controllers
- def __init__(self, vreg, https=False, form=None, headers=None):
+ def __init__(self, vreg, form=None, headers=None):
"""
:vreg: Vregistry,
- :https: boolean, s this a https request
:form: Forms value
:headers: dict, request header
"""
super(_CubicWebRequestBase, self).__init__(vreg)
- #: (Boolean) Is this an https request.
- self.https = https
- #: User interface property (vary with https) (see :ref:`uiprops`)
+ #: User interface property (see :ref:`uiprops`)
self.uiprops = None
- #: url for serving datadir (vary with https) (see :ref:`resources`)
+ #: url for serving datadir (see :ref:`resources`)
self.datadir_url = None
- if https and vreg.config.https_uiprops is not None:
- self.uiprops = vreg.config.https_uiprops
- else:
- self.uiprops = vreg.config.uiprops
- if https and vreg.config.https_datadir_url is not None:
- self.datadir_url = vreg.config.https_datadir_url
- else:
- self.datadir_url = vreg.config.datadir_url
+ self.uiprops = vreg.config.uiprops
+ self.datadir_url = vreg.config.datadir_url
#: enable UStringIO's write tracing
self.tracehtml = False
if vreg.config.debugmode:
@@ -179,22 +170,6 @@
self.ajax_request = value
json_request = property(_get_json_request, _set_json_request)
- def _base_url(self, secure=None):
- """return the root url of the instance
-
- secure = False -> base-url
- secure = None -> https-url if req.https
- secure = True -> https if it exist
- """
- if secure is None:
- secure = self.https
- base_url = None
- if secure:
- base_url = self.vreg.config.get('https-url')
- if base_url is None:
- base_url = super(_CubicWebRequestBase, self)._base_url()
- return base_url
-
@property
def authmode(self):
"""Authentification mode of the instance
@@ -952,7 +927,7 @@
cnx = None
session = None
- def __init__(self, vreg, https=False, form=None, headers={}):
+ def __init__(self, vreg, form=None, headers={}):
""""""
self.vreg = vreg
try:
@@ -960,8 +935,7 @@
self.translations = vreg.config.translations
except AttributeError:
self.translations = {}
- super(ConnectionCubicWebRequestBase, self).__init__(vreg, https=https,
- form=form, headers=headers)
+ super(ConnectionCubicWebRequestBase, self).__init__(vreg, form=form, headers=headers)
self.session = _MockAnonymousSession()
self.cnx = self.user = _NeedAuthAccessMock()
--- a/cubicweb/web/test/unittest_request.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/web/test/unittest_request.py Mon Jan 23 11:02:21 2017 +0100
@@ -71,28 +71,13 @@
class WebRequestTC(unittest.TestCase):
- def test_base_url(self):
- dummy_vreg = FakeCWRegistryStore(FakeConfig(), initlog=False)
- dummy_vreg.config['base-url'] = 'http://babar.com/'
- dummy_vreg.config['https-url'] = 'https://toto.com/'
-
- req = CubicWebRequestBase(dummy_vreg, https=False)
- self.assertEqual('http://babar.com/', req.base_url())
- self.assertEqual('http://babar.com/', req.base_url(False))
- self.assertEqual('https://toto.com/', req.base_url(True))
-
- req = CubicWebRequestBase(dummy_vreg, https=True)
- self.assertEqual('https://toto.com/', req.base_url())
- self.assertEqual('http://babar.com/', req.base_url(False))
- self.assertEqual('https://toto.com/', req.base_url(True))
-
def test_negotiated_language(self):
vreg = FakeCWRegistryStore(FakeConfig(), initlog=False)
vreg.config.translations = {'fr': (None, None), 'en': (None, None)}
headers = {
'Accept-Language': 'fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3',
}
- req = CubicWebRequestBase(vreg, https=False, headers=headers)
+ req = CubicWebRequestBase(vreg, headers=headers)
self.assertEqual(req.negotiated_language(), 'fr')
def test_build_url_language_from_url(self):
@@ -100,7 +85,7 @@
vreg.config['base-url'] = 'http://testing.fr/cubicweb/'
vreg.config['language-mode'] = 'url-prefix'
vreg.config.translations['fr'] = text_type, text_type
- req = CubicWebRequestBase(vreg, https=False)
+ req = CubicWebRequestBase(vreg)
# Override from_controller to avoid getting into relative_path method,
# which is not implemented in CubicWebRequestBase.
req.from_controller = lambda : 'not view'
--- a/cubicweb/web/views/basetemplates.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/web/views/basetemplates.py Mon Jan 23 11:02:21 2017 +0100
@@ -474,7 +474,7 @@
url_args = {}
if target and target != '/':
url_args['postlogin_path'] = target
- return self._cw.build_url('login', __secure__=True, **url_args)
+ return self._cw.build_url('login', **url_args)
return super(BaseLogForm, self).form_action()
--- a/cubicweb/web/views/staticcontrollers.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/web/views/staticcontrollers.py Mon Jan 23 11:02:21 2017 +0100
@@ -80,7 +80,6 @@
self._cw.set_header('last-modified', generateDateTime(os.stat(path).st_mtime))
if self._cw.is_client_cache_valid():
return ''
- # XXX elif uri.startswith('/https/'): uri = uri[6:]
mimetype, encoding = mimetypes.guess_type(path)
if mimetype is None:
mimetype = 'application/octet-stream'
@@ -225,11 +224,7 @@
__regid__ = 'fckeditor'
def publish(self, rset=None):
- config = self._cw.vreg.config
- if self._cw.https:
- uiprops = config.https_uiprops
- else:
- uiprops = config.uiprops
+ uiprops = self._cw.vreg.config.uiprops
relpath = self.relpath
if relpath.startswith('fckeditor/'):
relpath = relpath[len('fckeditor/'):]
--- a/cubicweb/web/webconfig.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/web/webconfig.py Mon Jan 23 11:02:21 2017 +0100
@@ -113,19 +113,6 @@
'group': 'web', 'level': 3,
}),
# web configuration
- ('https-url',
- {'type' : 'string',
- 'default': None,
- 'help': 'web server root url on https. By specifying this option your '\
- 'site can be available as an http and https site. Authenticated users '\
- 'will in this case be authenticated and once done navigate through the '\
- 'https site. IMPORTANTE NOTE: to do this work, you should have your '\
- 'apache redirection include "https" as base url path so cubicweb can '\
- 'differentiate between http vs https access. For instance: \n'\
- 'RewriteRule ^/demo/(.*) http://127.0.0.1:8080/https/$1 [L,P]\n'\
- 'where the cubicweb web server is listening on port 8080.',
- 'group': 'main', 'level': 3,
- }),
('datadir-url',
{'type': 'string', 'default': None,
'help': ('base url for static data, if different from "${base-url}/data/". '
@@ -269,9 +256,7 @@
def __init__(self, *args, **kwargs):
super(WebConfiguration, self).__init__(*args, **kwargs)
self.uiprops = None
- self.https_uiprops = None
self.datadir_url = None
- self.https_datadir_url = None
def fckeditor_installed(self):
if self.uiprops is None:
@@ -390,16 +375,8 @@
self.datadir_url += '/'
if self.mode != 'test':
self.datadir_url += '%s/' % self.instance_md5_version()
- self.https_datadir_url = self.datadir_url
return
- httpsurl = self['https-url']
data_relpath = self.data_relpath()
- if httpsurl:
- if httpsurl[-1] != '/':
- httpsurl += '/'
- if not self.repairing:
- self.global_set_option('https-url', httpsurl)
- self.https_datadir_url = httpsurl + data_relpath
self.datadir_url = baseurl + data_relpath
def data_relpath(self):
@@ -417,14 +394,6 @@
data=lambda x: self.datadir_url + x,
datadir_url=self.datadir_url[:-1])
self._init_uiprops(self.uiprops)
- if self['https-url']:
- cachedir = join(self.appdatahome, 'uicachehttps')
- self.check_writeable_uid_directory(cachedir)
- self.https_uiprops = PropertySheet(
- cachedir,
- data=lambda x: self.https_datadir_url + x,
- datadir_url=self.https_datadir_url[:-1])
- self._init_uiprops(self.https_uiprops)
def _init_uiprops(self, uiprops):
libuiprops = join(self.shared_dir(), 'data', 'uiprops.py')
--- a/cubicweb/wsgi/request.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/wsgi/request.py Mon Jan 23 11:02:21 2017 +0100
@@ -69,15 +69,10 @@
if k.startswith('HTTP_'))
if 'CONTENT_TYPE' in environ:
headers_in['Content-Type'] = environ['CONTENT_TYPE']
- https = self.is_secure()
- if self.path.startswith('/https/'):
- self.path = self.path[6:]
- self.environ['PATH_INFO'] = self.path
- https = True
post, files = self.get_posted_data()
- super(CubicWebWsgiRequest, self).__init__(vreg, https, post,
+ super(CubicWebWsgiRequest, self).__init__(vreg, post,
headers= headers_in)
self.content = environ['wsgi.input']
if files is not None:
@@ -121,9 +116,6 @@
## wsgi request helpers ###################################################
- def is_secure(self):
- return self.environ['wsgi.url_scheme'] == 'https'
-
def get_posted_data(self):
# The WSGI spec says 'QUERY_STRING' may be absent.
post = parse_qs(self.environ.get('QUERY_STRING', ''))
--- a/cubicweb/wsgi/test/unittest_wsgi.py Fri Jan 20 16:53:28 2017 +0100
+++ b/cubicweb/wsgi/test/unittest_wsgi.py Mon Jan 23 11:02:21 2017 +0100
@@ -27,30 +27,6 @@
self.assertEqual(b'some content', req.content.read())
- def test_http_scheme(self):
- r = webtest.app.TestRequest.blank('/', {
- 'wsgi.url_scheme': 'http'})
-
- req = CubicWebWsgiRequest(r.environ, self.vreg)
-
- self.assertFalse(req.https)
-
- def test_https_scheme(self):
- r = webtest.app.TestRequest.blank('/', {
- 'wsgi.url_scheme': 'https'})
-
- req = CubicWebWsgiRequest(r.environ, self.vreg)
-
- self.assertTrue(req.https)
-
- def test_https_prefix(self):
- r = webtest.app.TestRequest.blank('/https/', {
- 'wsgi.url_scheme': 'http'})
-
- req = CubicWebWsgiRequest(r.environ, self.vreg)
-
- self.assertTrue(req.https)
-
def test_big_content(self):
content = b'x'*100001
r = webtest.app.TestRequest.blank('/', {
--- a/doc/book/admin/instance-config.rst Fri Jan 20 16:53:28 2017 +0100
+++ b/doc/book/admin/instance-config.rst Mon Jan 23 11:02:21 2017 +0100
@@ -42,12 +42,9 @@
:`main.base-url`:
url base site to be used to generate the urls of web pages
-Https configuration
-```````````````````
-It is possible to make a site accessible for anonymous http connections
-and https for authenticated users. This requires to
-use apache (for example) for redirection and the variable `main.https-url`
-of configuration file.
+Apache configuration
+````````````````````
+It is possible to use apache (for example) as proxy.
For this to work you have to activate the following apache modules :
@@ -62,9 +59,8 @@
:Example:
- For an apache redirection of a site accessible via `http://localhost/demo`
- and `https://localhost/demo` and actually running on port 8080, it
- takes to the http:::
+ For an apache redirection of a site accessible via `http://localhost/demo` while cubicweb is
+ actually running on port 8080:::
ProxyPreserveHost On
RewriteEngine On
@@ -72,24 +68,11 @@
RewriteRule ^/demo$ /demo/
RewriteRule ^/demo/(.*) http://127.0.0.1:8080/$1 [L,P]
- and for the https:::
-
- ProxyPreserveHost On
- RewriteEngine On
- RewriteCond %{REQUEST_URI} ^/ demo
- RewriteRule ^/demo$/demo/
- RewriteRule ^/demo/(.*) http://127.0.0.1:8080/https/$1 [L,P]
-
and we will file in the all-in-one.conf of the instance:::
base-url = http://localhost/demo
- https-url = https://localhost/demo
-Notice that if you simply want a site accessible through https, not *both* http
-and https, simply set `base-url` to the https url and the first section into your
-apache configuration (as you would have to do for an http configuration with an
-apache front-end).
Setting up the web client
-------------------------