Pyramid 调试工具栏通过 HTTP 而不是 HTTPS 提供静态内容
Pyramid debug toolbar serving static content over HTTP instead of HTTPS
在我们的测试服务器上,我们使用 Pyramid debug toolbar,但是,它会生成 http://
指向静态内容的链接(比如它的 CSS 和 JavaScript 文件) ,而其余内容则通过 HTTPS 提供。这会导致混合内容警告,并破坏所有功能。有没有办法强制它生成 HTTPS 链接?
我知道可以在 Chrome 中启用混合内容,这很有效,但对于整个 QA 团队来说,这不是一个可行的解决方案。
可能有 better/simpler 种方法可以实现这一点,但您可以做一件事来实现这一点,即在每次调用 request.static_url()
.
时添加 _scheme='https'
参数
为此你当然可以编辑 pyramid/url.py
,但你也可以在你的项目中这样做 __init__.py
:
from pyramid.url import URLMethodsMixin
URLMethodsMixin.static_url_org = URLMethodsMixin.static_url # backup of original
def https_static_url(self, *args, **kw):
kw['_scheme'] = 'https' # add parameter forcing https
return URLMethodsMixin.static_url_org(self, *args, **kw) # call backup
URLMethodsMixin.static_url = https_static_url # replace original with backup
static_url
的参数与 route_url
类似。来自文档:
Note that if _scheme is passed as https, and _port is not passed, the _port value is assumed to have been passed as 443. Likewise, if _scheme is passed as http and _port is not passed, the _port value is assumed to have been passed as 80. To avoid this behavior, always explicitly pass _port whenever you pass _scheme.
Setting '_scheme' automatically forces port 443
通常,您通过 X-Forwarded-Proto
HTTP header.
向您的 Web 服务器发出信号以使用 HTTPS 而不是 HTTP
来自 Nginx 的示例:
proxy_set_header X-Forwarded-Proto $scheme;
但是,这不是标准的,可能取决于您的网络服务器配置。这是 Nginx + uWSGI 的完整示例:
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
uwsgi_pass 127.0.0.1:8001;
uwsgi_param UWSGI_SCHEME https;
uwsgi_pass_header X_FORWARDED_PROTO;
uwsgi_pass_header X_REAL_IP;
See how WebOb (underlying Request for Pyramid) reconstructs URL from given HTTP headers.
You can add url_scheme
param to your configuration file (separated by
environment) like that:
[server:main]
use = egg:waitress#main
host = 0.0.0.0
port = 6500
url_scheme = https
在我们的测试服务器上,我们使用 Pyramid debug toolbar,但是,它会生成 http://
指向静态内容的链接(比如它的 CSS 和 JavaScript 文件) ,而其余内容则通过 HTTPS 提供。这会导致混合内容警告,并破坏所有功能。有没有办法强制它生成 HTTPS 链接?
我知道可以在 Chrome 中启用混合内容,这很有效,但对于整个 QA 团队来说,这不是一个可行的解决方案。
可能有 better/simpler 种方法可以实现这一点,但您可以做一件事来实现这一点,即在每次调用 request.static_url()
.
_scheme='https'
参数
为此你当然可以编辑 pyramid/url.py
,但你也可以在你的项目中这样做 __init__.py
:
from pyramid.url import URLMethodsMixin
URLMethodsMixin.static_url_org = URLMethodsMixin.static_url # backup of original
def https_static_url(self, *args, **kw):
kw['_scheme'] = 'https' # add parameter forcing https
return URLMethodsMixin.static_url_org(self, *args, **kw) # call backup
URLMethodsMixin.static_url = https_static_url # replace original with backup
static_url
的参数与 route_url
类似。来自文档:
Note that if _scheme is passed as https, and _port is not passed, the _port value is assumed to have been passed as 443. Likewise, if _scheme is passed as http and _port is not passed, the _port value is assumed to have been passed as 80. To avoid this behavior, always explicitly pass _port whenever you pass _scheme. Setting '_scheme' automatically forces port 443
通常,您通过 X-Forwarded-Proto
HTTP header.
来自 Nginx 的示例:
proxy_set_header X-Forwarded-Proto $scheme;
但是,这不是标准的,可能取决于您的网络服务器配置。这是 Nginx + uWSGI 的完整示例:
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
uwsgi_pass 127.0.0.1:8001;
uwsgi_param UWSGI_SCHEME https;
uwsgi_pass_header X_FORWARDED_PROTO;
uwsgi_pass_header X_REAL_IP;
See how WebOb (underlying Request for Pyramid) reconstructs URL from given HTTP headers.
You can add
url_scheme
param to your configuration file (separated by environment) like that:[server:main] use = egg:waitress#main host = 0.0.0.0 port = 6500 url_scheme = https