This repository has been archived by the owner. It is now read-only.
No description, website, or topics provided.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore
.travis.yml
LICENSE.txt
README.md
dev-requirements.txt
setup.cfg
setup.py
ssl-all-the-things.jpg
test_sslify.py
wsgi_sslify.py

README.md

WSGI-SSLify

Build Status

(Yes, I know "TLS" would be more accurate. Deal with it.)

WSGI middleware to redirect all incoming HTTP requests to HTTPS. Inspired by djangosecure and flask-sslify, except for raw WSGI apps.

Why?

I was using static, and I wanted to force SSL. It was hard. So I made it easy:

app = sslify(static.Cling('content/'))

Usage

It really is that easy; just wrap your app with sslify:

from somewhere import my_wsgi_app
from wsgi_sslify import sslify

app = sslify(my_wsgi_app)

Options

You can pass some keyword arguments to sslify to control its behavior:

  • hsts (default: True) - set a Strict-Transport-Security header, which instructs browsers to always use HTTPS. See OWASP for more details on HSTS.

  • max_age (default: one year) - length, in seconds, for browsers to force HTTPS.

  • subdomains (default: False) - force HTTPS for all subdomains, too.

  • permanent (default: True) - issue a permanent (HTTP 301) redirect. If False, issue a temporary (HTTP 302) redirect.

  • proxy_header (default: X-Forwarded-Proto) - for services behind a proxy, this is the name of the header that contains the real request scheme.

Changes

1.0.1

  • Use werkzeug to ensure the URL is always bytes (#1).

1.0

  • Initial release.

Contributing

To run the tests:

  • Optional (but recommended): Create/activate a virtualenv.
  • $ pip install -r dev-requirements.txt
  • $ flake8
  • $ py.test

See the py.test docs for more options.

Contributing: send me pull requests.