Added root domain option for use with cheaper SSL certs #24
Conversation
Add a SSLIFY_DISABLE_FOR_REQUEST list of callables and evaluate them for the current request. If any of them returns True, abort. The global SSLIFY_DISABLE setting always takes precedence.
- not using SessionAuthenticationMiddleware - avoiding a "template not found error" for 404.html with a simple template loader.
…kind of SSL certs
|
Hey Mike! Thanks so much for this PR -- it looks really good but there are a few small changes that need to be fixed before I can safely merge it in there. The first one is that it's missing some checks around the www. stuff -- it's assuming that the root domain will be www. which might not always be true (EG: the site is dashboard.blah.com). This might cause unexpected behavior. I think the proper solution is to parse out the subdomain first, dynamically, then swap it that way. Next, this needs some unit tests around this new behavior, as I think it's introducing some new stuff in there. And lastly, would you mind adding some docs to the README which tell users how to make use of the new feature? I'd be happy to get it all merged in there with those changes. Thanks so much again! Looks like a great idea. |
No description provided.