From 30c27772bbc7e37da1e6e9098357e6df072def14 Mon Sep 17 00:00:00 2001 From: tofias Date: Wed, 25 Mar 2015 18:37:12 -0500 Subject: [PATCH 01/19] Adds ability to exclude paths from redirects. --- flask_sslify.py | 38 +++++++++++++++++++++++++------------- 1 file changed, 25 insertions(+), 13 deletions(-) diff --git a/flask_sslify.py b/flask_sslify.py index 2929f9f..6f4ea02 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -1,24 +1,25 @@ # -*- coding: utf-8 -*- -from flask import request, redirect, current_app +from flask import request, redirect YEAR_IN_SECS = 31536000 - class SSLify(object): """Secures your Flask App.""" - def __init__(self, app=None, age=YEAR_IN_SECS, subdomains=False, permanent=False): - self.hsts_age = age - self.hsts_include_subdomains = subdomains - self.permanent = permanent - + def __init__(self, app, age=YEAR_IN_SECS, subdomains=False, permanent=False, skips=None): if app is not None: - self.init_app(app) + self.app = app + self.hsts_age = age + self.hsts_include_subdomains = subdomains + self.permanent = permanent + self.skip_list = skips or app.config['SSL_SKIPS'] + self.init_app(self.app) + else: + self.app = None def init_app(self, app): """Configures the configured Flask app to enforce SSL.""" - app.before_request(self.redirect_to_ssl) app.after_request(self.set_hsts_header) @@ -32,27 +33,38 @@ class SSLify(object): return hsts_policy + @property + def skipping(self): + """Checks the skip list.""" + # Should we skip? + if self.skip_list: + for skip in self.skip_list: + if request.path.startswith('/' + skip): + return True + def redirect_to_ssl(self): """Redirect incoming requests to HTTPS.""" # Should we redirect? criteria = [ request.is_secure, - current_app.debug, + self.app.debug, request.headers.get('X-Forwarded-Proto', 'http') == 'https' ] - if not any(criteria): + # if not any(criteria) and self.skipping != True: + if not any(criteria) and not self.skipping is True: if request.url.startswith('http://'): url = request.url.replace('http://', 'https://', 1) code = 302 if self.permanent: code = 301 r = redirect(url, code=code) - return r def set_hsts_header(self, response): """Adds HSTS header to each response.""" - if request.is_secure: + # Should we add STS header? + if not self.skipping is True: response.headers.setdefault('Strict-Transport-Security', self.hsts_header) return response + From ce0b305a2ab0e33e8aea6ec14629a78cdba31d4d Mon Sep 17 00:00:00 2001 From: tofias Date: Wed, 25 Mar 2015 18:42:08 -0500 Subject: [PATCH 02/19] Update README.rst --- README.rst | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.rst b/README.rst index d66d15b..5675e13 100644 --- a/README.rst +++ b/README.rst @@ -56,6 +56,14 @@ by passing the ``permanent`` parameter:: sslify = SSLify(app, permanent=True) +Exclude Certain Paths from Being Redirected +------------------------------------------- + You can exlude a path that starts with given string by including a list called ``skips``:: + + sslify = SSLify(app, skips=['mypath', 'anotherpath']) + +Or by including SSL_SKIPS in your app's config. + Install ------- From fc2246887685e5b4de6e66ea196752ba86b209ef Mon Sep 17 00:00:00 2001 From: tofias Date: Wed, 25 Mar 2015 18:59:59 -0500 Subject: [PATCH 03/19] Removed comments, returned request.is_secure check --- flask_sslify.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/flask_sslify.py b/flask_sslify.py index 6f4ea02..a3083e8 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -4,6 +4,7 @@ from flask import request, redirect YEAR_IN_SECS = 31536000 + class SSLify(object): """Secures your Flask App.""" @@ -51,7 +52,6 @@ class SSLify(object): request.headers.get('X-Forwarded-Proto', 'http') == 'https' ] - # if not any(criteria) and self.skipping != True: if not any(criteria) and not self.skipping is True: if request.url.startswith('http://'): url = request.url.replace('http://', 'https://', 1) @@ -64,7 +64,6 @@ class SSLify(object): def set_hsts_header(self, response): """Adds HSTS header to each response.""" # Should we add STS header? - if not self.skipping is True: + if request.is_secure and not self.skipping is True: response.headers.setdefault('Strict-Transport-Security', self.hsts_header) return response - From cbd7d60c498382afe7df491d6a987e2d2747e8fe Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 11:56:05 -0500 Subject: [PATCH 04/19] Made suggested improvements, allow more parameters to be set via config, added to documentation. --- README.rst | 14 +++++++++++++- flask_sslify.py | 19 +++++++++++-------- 2 files changed, 24 insertions(+), 9 deletions(-) diff --git a/README.rst b/README.rst index 5675e13..4a68e74 100644 --- a/README.rst +++ b/README.rst @@ -47,6 +47,9 @@ If you'd like to include subdomains in your HSTS policy, set the ``subdomains`` sslify = SSLify(app, subdomains=True) +Or by including SSL_SUBDOMAINS in your app's config. + + HTTP 301 Redirects ------------------ @@ -55,15 +58,24 @@ by passing the ``permanent`` parameter:: sslify = SSLify(app, permanent=True) +Or by including SSL_PERMANENT in your app's config. + Exclude Certain Paths from Being Redirected ------------------------------------------- - You can exlude a path that starts with given string by including a list called ``skips``:: +You can exlude a path that starts with given string by including a list called ``skips``:: sslify = SSLify(app, skips=['mypath', 'anotherpath']) Or by including SSL_SKIPS in your app's config. + +Turn-off Redirects Completely +------------------------------ +Flask-SSLify won't run if DEBUG is True, but you can also turn-off redirects completely by setting +SSL_NO_REDIRECTS in your app's config which might be useful for things like testing, etc. + + Install ------- diff --git a/flask_sslify.py b/flask_sslify.py index a3083e8..2bbc58a 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -9,12 +9,12 @@ class SSLify(object): """Secures your Flask App.""" def __init__(self, app, age=YEAR_IN_SECS, subdomains=False, permanent=False, skips=None): - if app is not None: + if app is not None and not app.config.get('SSL_NO_REDIRECTS'): self.app = app self.hsts_age = age - self.hsts_include_subdomains = subdomains - self.permanent = permanent - self.skip_list = skips or app.config['SSL_SKIPS'] + self.hsts_include_subdomains = subdomains or app.config.get('SSL_SUBDOMAINS') + self.permanent = permanent or app.config.get('SSL_PERMANENT') + self.skip_list = skips or app.config.get('SSL_SKIPS') self.init_app(self.app) else: self.app = None @@ -35,10 +35,13 @@ class SSLify(object): return hsts_policy @property - def skipping(self): + def skip(self): """Checks the skip list.""" # Should we skip? - if self.skip_list: + if self.skip_list: + if isinstance(self.skip_list, basestring): + if request.path.startswith('/' + skip): + return True for skip in self.skip_list: if request.path.startswith('/' + skip): return True @@ -52,7 +55,7 @@ class SSLify(object): request.headers.get('X-Forwarded-Proto', 'http') == 'https' ] - if not any(criteria) and not self.skipping is True: + if not any(criteria) and not self.skip is True: if request.url.startswith('http://'): url = request.url.replace('http://', 'https://', 1) code = 302 @@ -64,6 +67,6 @@ class SSLify(object): def set_hsts_header(self, response): """Adds HSTS header to each response.""" # Should we add STS header? - if request.is_secure and not self.skipping is True: + if request.is_secure and not self.skip: response.headers.setdefault('Strict-Transport-Security', self.hsts_header) return response From 594d927a979c21b621f42290e90c84c5194c9f43 Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 11:58:27 -0500 Subject: [PATCH 05/19] Pretty up readme. --- README.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.rst b/README.rst index 4a68e74..a2b8e10 100644 --- a/README.rst +++ b/README.rst @@ -47,7 +47,7 @@ If you'd like to include subdomains in your HSTS policy, set the ``subdomains`` sslify = SSLify(app, subdomains=True) -Or by including SSL_SUBDOMAINS in your app's config. +Or by including ``SSL_SUBDOMAINS`` in your app's config. HTTP 301 Redirects @@ -58,7 +58,7 @@ by passing the ``permanent`` parameter:: sslify = SSLify(app, permanent=True) -Or by including SSL_PERMANENT in your app's config. +Or by including ``SSL_PERMANENT`` in your app's config. Exclude Certain Paths from Being Redirected @@ -67,13 +67,13 @@ You can exlude a path that starts with given string by including a list called ` sslify = SSLify(app, skips=['mypath', 'anotherpath']) -Or by including SSL_SKIPS in your app's config. +Or by including ``SSL_SKIPS`` in your app's config. Turn-off Redirects Completely ------------------------------ -Flask-SSLify won't run if DEBUG is True, but you can also turn-off redirects completely by setting -SSL_NO_REDIRECTS in your app's config which might be useful for things like testing, etc. +Flask-SSLify won't run if ``DEBUG`` is ``True``, but you can also turn-off redirects completely by setting +``SSL_NO_REDIRECTS`` in your app's config which might be useful for things like testing, etc. Install From 6431e8fbf42714fbe4edef4da523f28204f2da4d Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 12:04:14 -0500 Subject: [PATCH 06/19] Removed another is True. --- flask_sslify.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flask_sslify.py b/flask_sslify.py index 2bbc58a..8e965f8 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -55,7 +55,7 @@ class SSLify(object): request.headers.get('X-Forwarded-Proto', 'http') == 'https' ] - if not any(criteria) and not self.skip is True: + if not any(criteria) and not self.skip: if request.url.startswith('http://'): url = request.url.replace('http://', 'https://', 1) code = 302 From d141f4fec9395776b02dabfe2cc2609e3974bf28 Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 12:07:07 -0500 Subject: [PATCH 07/19] Removed completely turning off redirects stuff. --- README.rst | 6 ------ flask_sslify.py | 2 +- 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/README.rst b/README.rst index a2b8e10..d85b272 100644 --- a/README.rst +++ b/README.rst @@ -70,12 +70,6 @@ You can exlude a path that starts with given string by including a list called ` Or by including ``SSL_SKIPS`` in your app's config. -Turn-off Redirects Completely ------------------------------- -Flask-SSLify won't run if ``DEBUG`` is ``True``, but you can also turn-off redirects completely by setting -``SSL_NO_REDIRECTS`` in your app's config which might be useful for things like testing, etc. - - Install ------- diff --git a/flask_sslify.py b/flask_sslify.py index 8e965f8..57c6e6b 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -9,7 +9,7 @@ class SSLify(object): """Secures your Flask App.""" def __init__(self, app, age=YEAR_IN_SECS, subdomains=False, permanent=False, skips=None): - if app is not None and not app.config.get('SSL_NO_REDIRECTS'): + if app is not None: self.app = app self.hsts_age = age self.hsts_include_subdomains = subdomains or app.config.get('SSL_SUBDOMAINS') From 2685703d8827e3092d9c297a42e4903ad4ff72e2 Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 12:11:38 -0500 Subject: [PATCH 08/19] =?UTF-8?q?Skips=20can=E2=80=99t=20be=20a=20string.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- flask_sslify.py | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/flask_sslify.py b/flask_sslify.py index 57c6e6b..438771b 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -38,10 +38,7 @@ class SSLify(object): def skip(self): """Checks the skip list.""" # Should we skip? - if self.skip_list: - if isinstance(self.skip_list, basestring): - if request.path.startswith('/' + skip): - return True + if self.skip_list and not isinstance(self.skip_list, basestring): for skip in self.skip_list: if request.path.startswith('/' + skip): return True From d8d94340743cfb127cff65dabf9f735bb768f143 Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 12:28:32 -0500 Subject: [PATCH 09/19] =?UTF-8?q?Fixed=20current=5Fapp=20stuff=20which=20I?= =?UTF-8?q?=20took=20out=20b/c=20=E2=80=A6=20=3F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- flask_sslify.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/flask_sslify.py b/flask_sslify.py index 438771b..8fa2846 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- -from flask import request, redirect +from flask import request, redirect, current_app YEAR_IN_SECS = 31536000 @@ -10,6 +10,7 @@ class SSLify(object): def __init__(self, app, age=YEAR_IN_SECS, subdomains=False, permanent=False, skips=None): if app is not None: + self.init_app(app) self.app = app self.hsts_age = age self.hsts_include_subdomains = subdomains or app.config.get('SSL_SUBDOMAINS') @@ -48,7 +49,7 @@ class SSLify(object): # Should we redirect? criteria = [ request.is_secure, - self.app.debug, + current_app.debug, request.headers.get('X-Forwarded-Proto', 'http') == 'https' ] From 1f7a79f1e00b70ad04c3cbef17e24952c75c8992 Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 12:31:55 -0500 Subject: [PATCH 10/19] Fixed. --- flask_sslify.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flask_sslify.py b/flask_sslify.py index 8fa2846..b56975b 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -8,7 +8,7 @@ YEAR_IN_SECS = 31536000 class SSLify(object): """Secures your Flask App.""" - def __init__(self, app, age=YEAR_IN_SECS, subdomains=False, permanent=False, skips=None): + def __init__(self, app=None, age=YEAR_IN_SECS, subdomains=False, permanent=False, skips=None): if app is not None: self.init_app(app) self.app = app From 2be30b1768c1cc2e3534905867b5576850c39616 Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 12:36:50 -0500 Subject: [PATCH 11/19] Make work with current_app. --- flask_sslify.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/flask_sslify.py b/flask_sslify.py index b56975b..00f3f84 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -9,13 +9,13 @@ class SSLify(object): """Secures your Flask App.""" def __init__(self, app=None, age=YEAR_IN_SECS, subdomains=False, permanent=False, skips=None): + self.hsts_age = age + self.hsts_include_subdomains = subdomains or app.config.get('SSL_SUBDOMAINS') + self.permanent = permanent or app.config.get('SSL_PERMANENT') + self.skip_list = skips or app.config.get('SSL_SKIPS') + if app is not None: - self.init_app(app) self.app = app - self.hsts_age = age - self.hsts_include_subdomains = subdomains or app.config.get('SSL_SUBDOMAINS') - self.permanent = permanent or app.config.get('SSL_PERMANENT') - self.skip_list = skips or app.config.get('SSL_SKIPS') self.init_app(self.app) else: self.app = None From 7634d984277a808ef013287bed151c27b756ad39 Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 12:39:46 -0500 Subject: [PATCH 12/19] More current_app cleanup. --- flask_sslify.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/flask_sslify.py b/flask_sslify.py index 00f3f84..c6dce38 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -15,8 +15,7 @@ class SSLify(object): self.skip_list = skips or app.config.get('SSL_SKIPS') if app is not None: - self.app = app - self.init_app(self.app) + self.init_app(app) else: self.app = None From 7979f0b9e5fd7576133ab20308589c8c0d3ca526 Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 12:41:38 -0500 Subject: [PATCH 13/19] Concat string with format() like a real person would do. --- flask_sslify.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flask_sslify.py b/flask_sslify.py index c6dce38..d6d8928 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -40,7 +40,7 @@ class SSLify(object): # Should we skip? if self.skip_list and not isinstance(self.skip_list, basestring): for skip in self.skip_list: - if request.path.startswith('/' + skip): + if request.path.startswith('/{0}'.format(skip)): return True def redirect_to_ssl(self): From 9740d4a7c17c284833202a7d2618e9e7d57ef4b3 Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 12:42:40 -0500 Subject: [PATCH 14/19] Removed unnecessary self.app = None block. --- flask_sslify.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/flask_sslify.py b/flask_sslify.py index d6d8928..acd6353 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -16,8 +16,6 @@ class SSLify(object): if app is not None: self.init_app(app) - else: - self.app = None def init_app(self, app): """Configures the configured Flask app to enforce SSL.""" From 30ff6a572d7acea284d98442f9966982bb666860 Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 12:56:55 -0500 Subject: [PATCH 15/19] Have skip return False by default. --- flask_sslify.py | 1 + 1 file changed, 1 insertion(+) diff --git a/flask_sslify.py b/flask_sslify.py index acd6353..cdbd2d6 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -40,6 +40,7 @@ class SSLify(object): for skip in self.skip_list: if request.path.startswith('/{0}'.format(skip)): return True + return False def redirect_to_ssl(self): """Redirect incoming requests to HTTPS.""" From 3e6779245265a7e7d699894fee25c1b6e81f7970 Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 14:37:29 -0500 Subject: [PATCH 16/19] =?UTF-8?q?Ideas=20about=20Configing=E2=80=A6.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- flask_sslify.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/flask_sslify.py b/flask_sslify.py index cdbd2d6..2ea3f09 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -9,10 +9,11 @@ class SSLify(object): """Secures your Flask App.""" def __init__(self, app=None, age=YEAR_IN_SECS, subdomains=False, permanent=False, skips=None): + self.app = app or current_app self.hsts_age = age - self.hsts_include_subdomains = subdomains or app.config.get('SSL_SUBDOMAINS') - self.permanent = permanent or app.config.get('SSL_PERMANENT') - self.skip_list = skips or app.config.get('SSL_SKIPS') + self.hsts_include_subdomains = subdomains or self.app.config.get('SSL_SUBDOMAINS') or subdomains + self.permanent = permanent or self.app.config.get('SSL_PERMANENT') or permanent + self.skip_list = skips or self.app.config.get('SSL_SKIPS') or skips if app is not None: self.init_app(app) @@ -36,7 +37,7 @@ class SSLify(object): def skip(self): """Checks the skip list.""" # Should we skip? - if self.skip_list and not isinstance(self.skip_list, basestring): + if self.skip_list and isinstance(self.skip_list, list): for skip in self.skip_list: if request.path.startswith('/{0}'.format(skip)): return True From 7ba2684213e9d43c1df2e2305a619dbb6ae618ab Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 14:45:22 -0500 Subject: [PATCH 17/19] Less crazy config? --- flask_sslify.py | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/flask_sslify.py b/flask_sslify.py index 2ea3f09..4a3336e 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -11,9 +11,14 @@ class SSLify(object): def __init__(self, app=None, age=YEAR_IN_SECS, subdomains=False, permanent=False, skips=None): self.app = app or current_app self.hsts_age = age - self.hsts_include_subdomains = subdomains or self.app.config.get('SSL_SUBDOMAINS') or subdomains - self.permanent = permanent or self.app.config.get('SSL_PERMANENT') or permanent - self.skip_list = skips or self.app.config.get('SSL_SKIPS') or skips + + self.app.config.setdefault('SSL_SUBDOMAINS', False) + self.app.config.setdefault('SSL_PERMANENT', False) + self.app.config.setdefault('SSL_SKIPS', None) + + self.hsts_include_subdomains = subdomains or self.app.config['SSL_SUBDOMAINS'] + self.permanent = permanent or self.app.config['SSL_PERMANENT'] + self.skip_list = skips or self.app.config['SSL_SKIPS'] if app is not None: self.init_app(app) From d028fd3d541e88c34f148ae36a2c8abcbf91a5db Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 14:47:03 -0500 Subject: [PATCH 18/19] SSLIFY_XXX for config --- flask_sslify.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flask_sslify.py b/flask_sslify.py index 4a3336e..979dc72 100644 --- a/flask_sslify.py +++ b/flask_sslify.py @@ -12,13 +12,13 @@ class SSLify(object): self.app = app or current_app self.hsts_age = age - self.app.config.setdefault('SSL_SUBDOMAINS', False) - self.app.config.setdefault('SSL_PERMANENT', False) - self.app.config.setdefault('SSL_SKIPS', None) + self.app.config.setdefault('SSLIFY_SUBDOMAINS', False) + self.app.config.setdefault('SSLIFY_PERMANENT', False) + self.app.config.setdefault('SSLIFY_SKIPS', None) - self.hsts_include_subdomains = subdomains or self.app.config['SSL_SUBDOMAINS'] - self.permanent = permanent or self.app.config['SSL_PERMANENT'] - self.skip_list = skips or self.app.config['SSL_SKIPS'] + self.hsts_include_subdomains = subdomains or self.app.config['SSLIFY_SUBDOMAINS'] + self.permanent = permanent or self.app.config['SSLIFY_PERMANENT'] + self.skip_list = skips or self.app.config['SSLIFY_SKIPS'] if app is not None: self.init_app(app) From 7931c2d96bc3911fca86f2209f966f48392df89a Mon Sep 17 00:00:00 2001 From: Michael Tofias Date: Tue, 31 Mar 2015 16:34:48 -0500 Subject: [PATCH 19/19] Changed docs to explain SSLIFY_XXX style config. --- README.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.rst b/README.rst index d85b272..46a9e33 100644 --- a/README.rst +++ b/README.rst @@ -47,7 +47,7 @@ If you'd like to include subdomains in your HSTS policy, set the ``subdomains`` sslify = SSLify(app, subdomains=True) -Or by including ``SSL_SUBDOMAINS`` in your app's config. +Or by including ``SSLIFY_SUBDOMAINS`` in your app's config. HTTP 301 Redirects @@ -58,7 +58,7 @@ by passing the ``permanent`` parameter:: sslify = SSLify(app, permanent=True) -Or by including ``SSL_PERMANENT`` in your app's config. +Or by including ``SSLIFY_PERMANENT`` in your app's config. Exclude Certain Paths from Being Redirected @@ -67,7 +67,7 @@ You can exlude a path that starts with given string by including a list called ` sslify = SSLify(app, skips=['mypath', 'anotherpath']) -Or by including ``SSL_SKIPS`` in your app's config. +Or by including ``SSLIFY_SKIPS`` in your app's config. Install