[Zope-dev] Zope 2 WSGI investigation
Marius Gedminas
marius at gedmin.as
Mon Jan 9 11:44:36 UTC 2012
On Mon, Jan 09, 2012 at 10:01:29AM +0100, Sylvain Viollon wrote:
> Op 8 jan 2012, om 16:36 heeft Laurence Rowe het volgende geschreven:
> > On 3 January 2012 08:34, Sylvain Viollon <sylvain at infrae.com> wrote:
> >> Op 1 jan 2012, om 20:39 heeft Martin Aspeli het volgende geschreven:
>
> [...]
>
> >>>
> >>> * Supports simplified virtual hosting with X-VHM-Host
> >>
> >> That is not completely true. I support setting the hostname,
> >> however to set a virtual path, you need to do this during
> >> traversing, which is done in BaseRequest, that I don't change
> >> (because it is a big large blob of code where you cannot really
> >> plug anything in it, or change only a few line in it without
> >> changing everything).
> >>
> >> In production we use mod_rewrite to rewrite the URL with an old
> >> VirtualHostMonster url and pass it to mod_wsgi with the help of
> >> the flags PT.
> >
> > What advantage is there to setting the X-VHM-Host header over just
> > setting the Host header?
>
> You can't set a virtual path with the Host header, it is not valid
> if you want to follow the RFC. After as well, you can include the
> port in it, but I think you are not sure if you can't really know
> if you should create https URL or not, you don't have this
> information (this is not required only to be on port 443, and if it
> is I am not even sure the port is correctly added in the Host
> header).
In the WSGI world it's usual to use the X-Forwarded-Scheme header to
determine the scheme (http or https), AFAIU.
See e.g. http://pythonpaste.org/wsgiproxy/#the-proxy
http://pythonpaste.org/deploy/modules/config.html#paste.deploy.config.PrefixMiddleware
http://packages.python.org/Deliverance/proxy.html
http://docs.pylonsproject.org/projects/pyramid_cookbook/en/latest/deployment/nginx.html
> I think it would be safer to have a separate header for all this
> information, and not touching the Host headers, that applications
> might expect to be correct.
>
> Regards,
>
> Sylvain,
>
> http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.23
> http://www.ietf.org/rfc/rfc2818.txt
Marius Gedminas
--
http://pov.lt/ -- Zope 3/BlueBream consulting and development
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://mail.zope.org/pipermail/zope-dev/attachments/20120109/911629be/attachment.sig>
More information about the Zope-Dev
mailing list