Issue 9986

Make URL is_secure when SSL is delegated
Nosy list
ced, pokoli, reviewbot, yangoon
Assigned to
backport, review

Created on 2021-01-10.23:59:07 by ced, last changed 6 days ago by yangoon.


Author: [hidden] (yangoon) Tryton translator
Date: 2021-01-15.11:29:45

Ping. Any comment on this?

Author: [hidden] (yangoon) Tryton translator
Date: 2021-01-11.00:20:28

I think that the ssl configuration is even more obscured by this change. This feature deserves without doubt a dedicated setting. When the change is backported it is nevertheless an API breakage. So I don't see the difference between the proposed change and the introduction of a new dedicated and meaningful setting.

Author: [hidden] (ced) Tryton committer Tryton translator
Date: 2021-01-10.23:59:07

A common issue is that when the SSL is delegated to a proxy server, the URL built without a requests are considered as non secure. This is because we rely on the presence of a certificate/privatekey in the configuration.
This can be seen in the email sent when the admin password is reset via command line.
I propose to allow to set only one of the two configuration keys so the internal web server will not try to setup SSL and make is_secure return True.
This proposal has minor impact and so it can be back-ported without too much pain.

Date User Action Args
2021-01-15 11:29:45yangoonsetmessages: + msg63883
2021-01-11 09:53:08pokolisetnosy: + pokoli
2021-01-11 00:20:28yangoonsetmessages: + msg63850
nosy: + yangoon
2021-01-11 00:13:10reviewbotsetmessages: + msg63848
nosy: + reviewbot
2021-01-11 00:00:36cedsetkeyword: + backport, review
reviews: 353161002
status: in-progress -> testing
2021-01-10 23:59:07cedcreate

Showing 10 items. Show all history (warning: this could be VERY long)