Replace only the scheme part of the URL.

This prevents accidental rewrites of HTTP URLs that appear in query
string parameters, for example:

    http://localhost/translate?src=http://non-secure-site.org/
Vincent Driessen
2012-04-30 08:03:37 +02:00
parent 348866bff9
commit 3b2f681adb
+4 -3
@@ -43,10 +43,11 @@ class SSLify(object):
]
if not any(criteria):
url = request.url.replace('http://', 'https://')
r = redirect(url)
if request.url.startswith('http://'):
url = request.url.replace('http://', 'https://', 1)
r = redirect(url)
return r
return r
def set_hsts_header(self, response):
"""Adds HSTS header to each response."""
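Review bot: The redirect in the new `if request.url.startswith('http://'):` branch still relies on Flask's default status (302), so the upgrade is treated as temporary; if a permanent move to HTTPS is intended, `r = redirect(url, code=301)` states that explicitly. The Location value is rebuilt from `request.url`, which Werkzeug assembles from the request's Host header, so it is worth confirming that the deployment restricts the hosts it accepts (nothing in this hunk shows that). A short comment above the `replace(..., 1)` call, such as `# Swap only the leading scheme; URLs inside the query string must stay untouched.`, would keep the reason for the count argument next to the code. The enclosing method starts above the hunk, so the `criteria` list could not be checked.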