author Konstantin Ryabitsev <mricon@kernel.org> 2013-10-11 10:47:30 -0400
committer Jeremy Kerr <jk@ozlabs.org> 2013-10-13 14:58:23 +0800
commit 0f62b0c1d9e35319c2f0386ac9ba1371e15dc9ec (patch)
tree 5906c26444696911143832ad6c2da51b2e5d0a5f /apps/patchwork/views/base.py
parent 4d7fcc9062659aa74377b39dd87de35c07973ec2 (diff)
Add a config option to FORCE_HTTPS_LINKS

In situations where SSL is terminated at the load-balancer, we cannot rely on guessing the scheme based on whether patchwork itself was accessed via http or https, since the last-leg is always going to be done over http. Unfortunately, wrongly using http:// URLs results in unusable .pwclientrc files, since xmlrpc does not handle http->https redirects and instead displays a traceback.

This change introduces a FORCE_HTTPS_LINKS option, which forces pwclientrc links to always return "https" regardless of how the project itself is accessed.

It appears that the http/https check is currently only used for generating pwclientrc -- a lot of other places seem to hardcode "http://" and rely on the server to transparently upgrade the connection. This is not a secure approach (it allows for MITM and SSL-Strip attacks) and therefore all places currently hardcoding http://{{site.domain}} and similar should be switched to using the "scheme" variable, the same as done for generating pwclientrc files.

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>

Diffstat (limited to 'apps/patchwork/views/base.py')
-rw-r--r-- apps/patchwork/views/base.py 2
1 files changed, 1 insertions, 1 deletions
diff --git a/apps/patchwork/views/base.py b/apps/patchwork/views/base.py
index 7707653..fa7dd99 100644
--- a/apps/patchwork/views/base.py
+++ b/apps/patchwork/views/base.py
@@ -43,7 +43,7 @@ def pwclientrc(request, project_id):
project = get_object_or_404(Project, linkname = project_id)
context = PatchworkRequestContext(request)
context.project = project
- if request.is_secure():
+ if settings.FORCE_HTTPS_LINKS or request.is_secure():
context['scheme'] = 'https'
else:
context['scheme'] = 'http'
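
Review bot: In the changed condition of pwclientrc(), settings.FORCE_HTTPS_LINKS is read as a plain attribute, so a deployment whose settings file predates this option and does not define it will get an AttributeError on every pwclientrc request. Unless a default is set in the shipped settings (not visible in this file-limited diff), read it as getattr(settings, 'FORCE_HTTPS_LINKS', False). The diffstat for base.py shows a single changed line, so no import was added here: confirm that settings is already imported at the top of this module. The new option should also be documented next to the other deployment settings, with a note that it only affects the scheme in generated pwclientrc files, since the commit message states that other links still hardcode "http://".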