Is there any easy way to have a django site enforce HTTPS for authenticated users while any anonymous users would default to HTTP? This would allow me to protect the sessions and cookies for users who have logged on while conserving server resources for those who aren't authenticated (I would assume the majority of connections). As part of this it would also make sense for me to ensure the login and register pages also use HTTPS to protect any passwords.
I'm not sure if it's relevant but I'm using Nginx as a web server with uwsgi dealing with the django requests.
Thanks.
-- You received this message because you are subscribed to the Google Groups "Django users" group.
To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/tUaAAA_NqUUJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
No comments:
Post a Comment