On Feb 9, 2011, at 8:33 AM, David J. wrote: > > how about "secure" or "enable_ssl" or "transport" or "is_secure" > > Although "secure" is probably the most intuitive;
I'm leaning toward the syntax below. An alternative to 'secure' is 'scheme', in which case the values would be 'http' or 'https', or True to use the scheme in request.env. The last option isn't explicit with 'secure', but I don't think it's required. > > > > On 2/9/11 11:20 AM, Jonathan Lundell wrote: >> On Feb 9, 2011, at 6:58 AM, Massimo Di Pierro wrote: >>> No objection. I would take the patch. >> I'll work one up. Input on the exact argument syntax is welcome. >> >>> On Feb 8, 2:59 pm, Jonathan Lundell<jlund...@pobox.com> wrote: >>>> On Feb 8, 2011, at 12:24 PM, David J. wrote: >>>> >>>> >>>> >>>>> Thanks Jonathan; >>>>> This works too; >>>> Good. >>>> >>>> This *could* be an option to URL, since it has internal access to request. >>>> Suppose we added arguments URL(..., secure=None, host=None). >>>> >>>> This case would mean the current behavior. Secure could be True or False >>>> for https/http. Host could be a string. >>>> >>>> Specifying just a host would mean: use scheme from request.env. >>>> >>>> Specifying just secure True/False would mean: use host from request.env. >>>> >>>> The host& scheme would be prepended after all rewriting. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>>> Thanks; >>>>> On 2/8/11 3:11 PM, Jonathan Lundell wrote: >>>>>> On Feb 8, 2011, at 11:41 AM, David J. wrote: >>>>>>> Well than maybe someone could inform them; ;) >>>>>>> It would be useful; My current work around is to make the whole site >>>>>>> secure cringe; >>>>>> If you know that the host info is valid, you could write: >>>>>> 'https://%s%s' % (request.env.http_host, URL("function")) >>>>>> web2py has no guarantee of knowing the host name; that depends on how >>>>>> it's deployed (consider the case of a proxy). >>>>>>> On 2/8/11 2:36 PM, Massimo Di Pierro wrote: >>>>>>>> Because the URL function does not know the "https://example.com";. Only >>>>>>>> the web server knows it. >>>>>>>> We do have a URL(,sign=....) option to digitally sign URLs. >>>>>>>> On Feb 8, 12:58 pm, "David J."<da...@styleflare.com> wrote: >>>>>>>>> I was wondering why URL does not include a secure flag? >>>>>>>>> I think it should be able to set "secure" url's >>>>>>>>> For example if you do URL("function",secure=True) >>>>>>>>> We generate a complete URL >>>>>>>>> https://example.com/welcome/default/function >> >> >
