0

I'm using middleware to force certain pages to be served over HTTPS:

class SSLRedirect:

  def __init__(self):
    self.enabled = getattr(settings, 'SSL_ENABLED')

  def process_view(self, request, view_func, view_args, view_kwargs):

    if SSL in view_kwargs:
      secure = view_kwargs[SSL]
      del view_kwargs[SSL]
    else:
      secure = False

    if not self.enabled:
      logger.debug('SSL Disabled')
      return
...

The problem is that my switch in settings.py does not seem to have an effect. If I load a url for which I haven't set SSL, I get the SSL Disabled message in my log as expected. However if I load a url for which SSL is set, but SSL_ENABLED is False in settings.py, the page still tries to load over HTTPS (and fails, because I'm doing this on ./mange.py runserver), and I get no log message. Why isn't this approach working?

fredley
  • 32,953
  • 42
  • 145
  • 236

1 Answers1

-1

This turned out not to be a bug with the code.

In the case that I did want to redirect, I was returning:

return HttpResponsePermanentRedirect(newurl)

My browser had cached this, so the redirect was happening even with the switch turned off. Clearing my browser cache fixed this.

fredley
  • 32,953
  • 42
  • 145
  • 236