add support for HTTPS protocol

[pigay]

Proof of concept for #303

• Allows to pass arguments to tornado.HTTPServer constructor through app.create_server.
• support for HTTPS protocol

Enable SSL transport by calling :

args = {}
args['ssl_options'] = {'certfile' : 'path-to-crtfile', 'keyfile' : 'path-to-keyfile'}
app.create_server(**args)

app.serve(Example, 'Example')
app.run()

[almarklein]

Thanks!

I think it would be nice to document this feature. I think the best place might be to add a few lines to the docstring of create_server() on how server_kwargs can be used to enable SSL.

Is it also possible to add an example script to demo this? Not sure what cert and keyfile to point to though. What do you think?

I see a few more places that use http:

• The url prop in app/_app.py
• init_interactive() in app/_funcs.py

[almarklein]

Travis fails because of style errors. You can run the style test locally by running python make test style in the root flexx directory.

[Korijn]

Should the port be set to 443 automatically if port=None for the https protocol? I'm not sure if it will work on other ports.

[pigay]

@Korijn from my tests, it works fine for default port (49190)

[alexveden]

@pigay thx for your work. Have you added new config setting handling for HTTPS connections?

[pigay]

This error (https://travis-ci.org/zoofIO/flexx/jobs/181720106) seems to happen in python2.

I don't know much about python testing. How can I debug this error?

[pigay]

@alexveden not yet. I was thinking of it, though.

However, this configuration is specific to Tornado. Should I add tornado_certfile and tornado_keyfile in flexx._config.py?

[alexveden]

@pigay It would be great, because the problem is also related to remote Ipython notebooks too #299

[alexveden]

@pigay Am I correct, do we need both key and cert to connect SSL, but according your last commit ccfa4b1 it's allowed to add one of those files.

[pigay]

@alexveden I think so. I found easier to handle each file independently and error messages from tornado should still be meaningful.

[pigay]

A question: I'm not really fluent with Github. Do I need to create another PR after rebase to solve the merge conflict?

[almarklein]

@pigay you can create a new branch if you prefer, but it it nor necessary. On a merge conflict in a PR you can either merge your branch with master, or rebase it on master. Preference depends on the project, I slightly prefer the latter:

git checkout master
git pull
git checkout your-branch
git rebase master
... resolve conflicts
git add ... files that were in conflict
git rebase --continue
git push your-remote your-branch -f

The -f force-pushes, i.e. overwrites history. Never ever use that on a master branch :P

[pigay]

@almarklein the -f option was what I was missing. Thanks.

[alexveden]

@almarklein how long could it take to merge this pull request to the master? Thx

[almarklein]

This is great! Just made a few small remarks.

[almarklein]

That first test ssl_certfile' in config should not be necessary

[almarklein]

I like the idea of setting ssl options via the config. In fact, I think we should advocate that as the way to do it. We can keep the server_kwargs, but can you please please remove the example in this docstring (I know I asked you to add it earlier, sorry!).

[almarklein]

Can you please use flexx.config here instead? I think that should be the approach to put forward as the way to enable https.

[almarklein]

Out of curiosity, if Flexx ever supports a web framework alternative to Tornado, would the same key and cert files be usable?

[pigay]

As long as this new web framework uses a certificate and key files, it should be fine. Since tornado's ssl_options is built from flex config variables id done in _tornadoserver.py, you would just need to use the same variables in the new server _open method.

[almarklein]

Thanks @pigay !

[pigay]

My pleasure!