Changeset 47

Timestamp:

10/06/06 20:10:51 (2 years ago)

Author:

verbosus

Message:

Raise a RuntimeError? if trying to redirect on a POST request (thanks, C8E)

Files:

• django/trunk/middleware/sslmiddleware.py (modified) (4 diffs)

django/trunk/middleware/sslmiddleware.py

@@ -11 +11 @@
 https-less counterpart if needed).
 """
-__version__ = "1.0"
+__version__ = "1.1"
 __license__ = "Python"
 __copyright__ = "Copyright (C) 2006, Antonio Cavedoni"
 __author__ = "Antonio Cavedoni <http://cavedoni.com/>"
-__contributors__ = ["Stefano J. Attardi <http://attardi.org/>"]
+__contributors__ = [
+    "Stefano J. Attardi <http://attardi.org/>", 
+    "Carlo C8E Miron"
+    ]
 
 from django.conf import settings
@@ -27 +30 @@
                 if request.path.startswith("/%s" % path):
                     if not request.is_secure():
-                        # Redirect to https://
+                        # Should be SSL but it isn't, redirect!
                         return self._redirect(request, "https")
                     else:
@@ -35 +38 @@
             if _to_redir:
                 if request.is_secure():
+                    # Shouldn't be SSL but it is, redirect!
                     return self._redirect(request, "http")
 
@@ -42 +46 @@
         if request.GET:
             newurl += '?' + request.GET.urlencode()
+        if settings.DEBUG and request.method == 'POST':
+            raise RuntimeError, """
+Django can't redirect to the %(protocol)s URL you requested while maintaining 
+POST data. Change your form to point to %(uri)s (dont't forget to specify the 
+%(protocol)s or remove the requested path from the HTTPS_PATHS tuple in the 
+project settings""" % {'uri': newurl, 'protocol': protocol.upper()}
         return HttpResponseRedirect(newurl)