Saturday, January 1, 2011

Ajax and SSL

Hi,

I'm using Satchmo to build a store for a Django-powered webpage.
Satchmo provides a convenient middleware
('satchmo_store.shop.SSLMiddleware.SSLRedirect') which allows me to
add { 'SSL' : True } arguments to my view specifications (in urls.py).
This forwards requests to using the HTTPS protocol when so specified.
There are other middlewares that do roughly the same thing, so this is
not necessarily Satchmo-specific.

I have some views configured to be forwarded to using SSL (HTTPS
protocol). However, I also have some general Ajax views configured.
E.g. I have one that updates a progress bar on every page once that
page has loaded.

The problem is the following: consider me having the following
(abstract) specification in urls.py:

VIEW1[SSL=True]
AJAX1[SSL=False]

where a client-side call to AJAX1 is performed once the page has fully
loaded as generated by VIEW1. The page generated by VIEW1 should call
AJAX1 using the HTTPS protocol, but the convenient middleware will
forward it to HTTP, as specified above, which will cause problems
(i.e. it will not work). If I set AJAX1[SSL=True] I will get problems
when I access views using the HTTP protocol.

Is there a way to make use of the above-mentioned convenient
declarative middleware (just adding { 'SSL' : True } in view-
specifications), but get around these kinds of problems?

What are some common design patterns for these kinds of problems?

Thanks,
Jakob

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.

No comments:

Post a Comment