stackoom
  简体   繁体   中英

How to redirect HTTP requests on a Python App on Bluemix to HTTPS only?

 原文  2015-12-08 23:21:59       python/ http/ https/ ibm-cloud

Question

I have python app on Bluemix and would like to make it accessible over https only. By default I can connect both via http and https. Want to restrict access via https only. So what is the best way to disable http access, or redirect request to https only?

2 answers

solution1
 1  2015-12-09 14:46:59

The Bluemix proxy server terminates the SSL, so that all traffic looks like HTTP to your app. However, the proxy also adds a special HTTP header named $WSSC with a value that can be either http or https. Check this header and, if the value is set to http, then change it to https.

As Adam pointed out in his comment, the IBM forum has further discussion of this approach: https://developer.ibm.com/answers/questions/16016/how-do-i-enforce-ssl-for-my-bluemix-application.html

solution2
 1 ACCPTED  2015-12-11 01:46:27

As ralphearle mentioned in his answer, Bluemix proxy server terminates the SSL, so you can look into the X-Forwarded-Proto header to find out if request comes from http or https .

See below a simple example based on the Python starter code from Bluemix. I added the RedirectHandler class to check for the X-Forwarded-Proto header value and redirects the request to https if it not https . 

import os
try:
  from SimpleHTTPServer import SimpleHTTPRequestHandler as Handler
  from SocketServer import TCPServer as Server
except ImportError:
  from http.server import SimpleHTTPRequestHandler as Handler
  from http.server import HTTPServer as Server

class RedirectHandler(Handler):
  def do_HEAD(self):
    if ('X-Forwarded-Proto' in self.headers and 
            self.headers['X-Forwarded-Proto'] != 'https'):
        self.send_response(301)
        self.send_header("Location", 'https://' + self.headers['Host'] + self.path)
        self.end_headers() 
  def do_GET(self):
     self.do_HEAD()
     Handler.do_GET(self)

# Read port selected by the cloud for our application
PORT = int(os.getenv('PORT', 8000))
# Change current directory to avoid exposure of control files
os.chdir('static')

httpd = Server(("", PORT), RedirectHandler)
try:
  print("Start serving at port %i" % PORT)
  httpd.serve_forever()
except KeyboardInterrupt:
  pass
httpd.server_close()

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Redirect HTTP requests to HTTPS in Tornado HTTP redirect to HTTPS Python How to redirect http to https python http.server Python - Requests module HTTP and HTTPS requests Python HTTP Redirect requests forbidden Python requests: how to make http only request? How to modify incoming HTTPS and HTTP requests with python3 how to redirect http to https in flask How to redirect http to https with Gunicorn Making HTTPS requests in Python fails, but not HTTP
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM