diff options
| author | Bobby <[email protected]> | 2022-10-10 12:13:56 -0400 |
|---|---|---|
| committer | Bobby <[email protected]> | 2022-10-10 12:13:56 -0400 |
| commit | 5d11cb12fc7a55ac7d5a541e608ef00a22dad4d9 (patch) | |
| tree | dd0815e4852fddf1fe98612c68b24f5cc2073a3b | |
| parent | e201c058b75cd8f3ff0125a77ba74f2f0b3dd3f7 (diff) | |
| download | thatcomputerscientist-5d11cb12fc7a55ac7d5a541e608ef00a22dad4d9.tar.xz thatcomputerscientist-5d11cb12fc7a55ac7d5a541e608ef00a22dad4d9.zip | |
SSL redirect on subdomain
| -rw-r--r-- | thatcomputerscientist/settings.py | 1 | ||||
| -rw-r--r-- | thatcomputerscientist/templatetags/subdomainurls.py | 6 | ||||
| -rw-r--r-- | users/views.py | 3 |
3 files changed, 7 insertions, 3 deletions
diff --git a/thatcomputerscientist/settings.py b/thatcomputerscientist/settings.py index d0188ea6..35284fe0 100644 --- a/thatcomputerscientist/settings.py +++ b/thatcomputerscientist/settings.py @@ -35,6 +35,7 @@ HOSTS = [".vcap.me"] if os.getenv('ENVIRONMENT') == 'development' else [".thatco CSRF_TRUSTED_ORIGINS = ['http://*.localhost', 'https://*.thatcomputerscientist.com', 'https://*.thatcomputerscientist.fly.dev/', 'http://*.vcap.me'] SESSION_COOKIE_DOMAIN = ".vcap.me" if os.getenv('ENVIRONMENT') == 'development' else ".thatcomputerscientist.com" DOMAIN_NAME = "vcap.me" if os.getenv('ENVIRONMENT') == 'development' else "thatcomputerscientist.com" +SECURE_SSL_REDIRECT = False if os.getenv('ENVIRONMENT') == 'development' else True # Application definition diff --git a/thatcomputerscientist/templatetags/subdomainurls.py b/thatcomputerscientist/templatetags/subdomainurls.py index cb7b2554..fa8af0b0 100644 --- a/thatcomputerscientist/templatetags/subdomainurls.py +++ b/thatcomputerscientist/templatetags/subdomainurls.py @@ -13,14 +13,16 @@ def subdomain_url(view_name, subdomain = None, referrer = None, *args, **kwargs) return reverse(view_name, args=args, kwargs=kwargs) if referrer: - return '//{}{}{}?referrer={}'.format( + return '{}://{}{}{}?referrer={}'.format( + 'https' if settings.SECURE_SSL_REDIRECT else 'http', subdomain, settings.HOSTS[0], reverse(view_name, args=args, kwargs=kwargs), referrer ) - return '//{}{}{}'.format( + return '{}://{}{}{}'.format( + 'https' if settings.SECURE_SSL_REDIRECT else 'http', subdomain, settings.HOSTS[0], reverse(view_name, args=args, kwargs=kwargs) diff --git a/users/views.py b/users/views.py index 5a7757a4..b0c2126e 100644 --- a/users/views.py +++ b/users/views.py @@ -20,7 +20,8 @@ def get_ref(request): try: referrer = request.META.get('QUERY_STRING').split('referrer=')[1] except: - referrer = request.META.get('HTTP_REFERER') + # Raise a unauthorized error if the referrer is not set + return HttpResponse('Unauthorized', status=401) if '?' in referrer: referrer = referrer.split('?')[0] return referrer |