django-sslify icon indicating copy to clipboard operation
django-sslify copied to clipboard

Published 20 hours ago verified publisher icon rdegges

New release

Open mjtamlyn opened this issue 7 years ago • 12 comments

Hi Randall!

Would there be any chance of rolling a release? The PR merged in https://github.com/rdegges/django-sslify/pull/35 a year or so ago is now needed for Django 2.0, and isn't in a released version on PyPI.

Thanks! Marc

mjtamlyn avatar Jan 05 '18 11:01 mjtamlyn

Hey! I was just looking to do this, but.... Looks like the build isn't passing :( https://travis-ci.org/rdegges/django-sslify/jobs/329343417

rdegges avatar Jan 16 '18 06:01 rdegges

If you wanna send a PR for some fixes (or if you're interested in maintaining), I'd be happy to share the creds! I'm currently doing a lot of non-Django related work and haven't been doing a good job keeping on top of this :(

rdegges avatar Jan 16 '18 06:01 rdegges

Hi! We are using django-sslify as well, we would be glad to help, fixing the travis config as a first step. What do you prefer, adding me as maintainer or me creating a PR for the travis config?

manelclos avatar Mar 05 '18 10:03 manelclos

I'm adding you as a maintainer! Any help would be fantastic and appreciated =D

rdegges avatar Mar 06 '18 21:03 rdegges

Travis configuration is now fixed. There is a tox config as well to test locally. Django versions supported are 1.8 to 2.0. Travis is passing now.

manelclos avatar Mar 07 '18 07:03 manelclos

I'm curious as to why support from Django 1.8 and beyond is necessary, given this? Wondering because I was planning to just use SECURE_SSL_REDIRECT = True now and phase out django-sslify entirely.

HEdingfield avatar Mar 26 '18 13:03 HEdingfield

You might be using django-sslify already, migrating to 1.8 or beyond should not break the project. This happens in some of my projects, I'm just lazy to do the change. Also, it has some advanced features like disabling SSL for some URLs: https://github.com/rdegges/django-sslify#disabling-sslify

manelclos avatar Mar 26 '18 14:03 manelclos

Ah, I see, thanks. FYI, I think the feature you mentioned is also available in Django now via SECURE_REDIRECT_EXEMPT.

HEdingfield avatar Mar 26 '18 14:03 HEdingfield

yeah, nice to know. Then only the safe upgrade path point is valid :)

manelclos avatar Mar 26 '18 14:03 manelclos

After investigating this more, I determined that django-sslify still does something that SECURE_SSL_REDIRECT apparently doesn't: it actually forces the URL in the browser to change to https://, which is really useful. I was running into problems after phasing out django-sslify and relying solely on the SECURE_SSL_REDIRECT setting because I'd get 403 errors when trying to access things, and would have to manually change the URL to https://. In light of this, I'm going to start using this package again!

We may want to update the docs here to reflect this: https://github.com/rdegges/django-sslify#using-django-18-or-later

HEdingfield avatar Apr 04 '18 16:04 HEdingfield

That said, do we have an ETA on the 0.2.8 release? haha

HEdingfield avatar Apr 04 '18 16:04 HEdingfield

Would love an update on 0.2.8!

HEdingfield avatar Oct 01 '18 04:10 HEdingfield