Middleware is most certainly *not* hacks! They're an intended and perfectly documented hook point for any special behavior you'd like in your webservice that makes sense inserting at that particular point of the request processing
-----Mensaje original----- De: Thomas Orozco Enviados: 08/07/2012 16:29:53 Asunto: Re: how to use HTTPS with django That's indeed a valid point, if you're going to deploy multiple services behind a webserver it does make sense to do it at webserver level as you'll avoid duplicating your efforts. Now, using middleware that redirects to https does not have to be "a hack", andif django changes to the point that your middleware breaks, there will probably be a lot of other issues :-) Le 8 juil. 2012 15:39, "John Yeukhon Wong" <gokoproj...@gmail.com> a écrit : > I agree, but I think at the web server level is much better. Middlewares > can break if Django core changes a lot, and since they are third-party hack > code, so unless you are confident how to maintain it yourself, don't use > them. Apache, Nginx configurations are widely used so they are easier to > get help nowadays. That is not to say that many middlewares I've seen over > the years are bad. I've used a few of those on snippets :) They are great. > > And for many people, there is usually more than one Django site, or > multiple applications deploy (custom backend, etc) which run as HTTP > services too. So enabling SSL at server level is a lot easier to maintain. > > > > On Sunday, July 8, 2012 5:47:01 AM UTC-4, Thomas Orozco wrote: >> >> This comes down to a simple middleware that intercepts http requests and >> redirects them to https. This is very to do in django. >> >> You can find plenty of such middleware on djangosnippets. >> >> Now, if your app is running behind a reverse proxy (e.g. nginx + >> gunicorn) , things get a little bit more complicated as your proxy needs >> to tell the django app whether the request was originally https of http. >> >> This is easy to do, but not very well documented in django. Look at the >> settings reference for the appropriate ones. >> >> >> Alternatively, you could achieve the same thing at webserver level. But >> having worked with both setups, using a middleware is a lot easier to >> setup. >> >> Now, you might find doing it at webserve Correo truncado a 2,000 caracteres. :::0:a38e127653db5308da9bff2680ff4c5c:7d0:::: -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
