Skip to content Skip to sidebar Skip to footer
Home / Pylons / Pyramid / Pyramid Debug Toolbar / Python / Python 3.x

Pyramid Debug Toolbar Serving Static Content Over HTTP Instead Of HTTPS

Post a Comment
On our test servers, we're using the Pyramid debug toolbar, however, it generates http:// links to static content (like its CSS and JavaScript files), while the rest of the content

Solution 1:

There might be better/simpler ways to achieve this, but one thing you can do to achieve this add the _scheme='https' parameter to each call to request.static_url().

For that you can of course edit pyramid/url.py, but you can also do this in your projects' __init__.py:

from pyramid.url import URLMethodsMixin

URLMethodsMixin.static_url_org = URLMethodsMixin.static_url  # backup of original

def https_static_url(self, *args, **kw):
    kw['_scheme'] = 'https'  # add parameter forcing https
    return URLMethodsMixin.static_url_org(self, *args, **kw)  # call backup

URLMethodsMixin.static_url = https_static_url  # replace original with backup

Parameters for static_url works like route_url. From the documentation:

Note that if _scheme is passed as https, and _port is not passed, the _port value is assumed to have been passed as 443. Likewise, if _scheme is passed as http and _port is not passed, the _port value is assumed to have been passed as 80. To avoid this behavior, always explicitly pass _port whenever you pass _scheme. Setting '_scheme' automatically forces port 443


Solution 2:

Usually you signal your web server to use HTTPS instead of HTTP by passing through X-Forwarded-Proto HTTP header.

Example from Nginx:

    proxy_set_header X-Forwarded-Proto $scheme;

However, this is not standard and may depend on your web server configuration. Here is full example for Nginx + uWSGI:

    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_set_header X-Forwarded-Proto $scheme;

    uwsgi_pass 127.0.0.1:8001;
    uwsgi_param UWSGI_SCHEME https;
    uwsgi_pass_header X_FORWARDED_PROTO;
    uwsgi_pass_header X_REAL_IP;

See how WebOb (underlying Request for Pyramid) reconstructs URL from given HTTP headers.


Solution 3:

https://stackoverflow.com/a/42358816/358532

You can add url_scheme param to your configuration file (separated by environment) like that:

[server:main]
use = egg:waitress#main
host = 0.0.0.0
port = 6500
url_scheme = https

Post a Comment for "Pyramid Debug Toolbar Serving Static Content Over HTTP Instead Of HTTPS"