panda/bettafish-company
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enhance HTTPS redirection using Flask url_for.

Browse Source
This commit is contained in:
戒酒的李白
2025-04-02 20:11:19 +08:00
parent fd4b918bc5
commit 307547196a
1 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
middleware/security.py
+13 -4
View File
@@ -1,4 +1,4 @@
from flask import request, redirect from flask import request, redirect, url_for
from functools import wraps from functools import wraps
import bleach import bleach
from utils.logger import app_logger as logging from utils.logger import app_logger as logging
@@ -23,9 +23,18 @@ def require_https():
def decorator(f): def decorator(f):
@wraps(f) @wraps(f)
def decorated_function(*args, **kwargs): def decorated_function(*args, **kwargs):
if not request.is_secure and not request.is_localhost: if not request.is_secure and not getattr(request, 'is_localhost', False):
url = request.url.replace('http://', 'https://', 1) # 使用 _external=True 和 _scheme='https' 生成完整的 HTTPS URL
return redirect(url, code=301) secure_url = url_for(
request.endpoint,
_external=True,
_scheme='https',
**request.view_args
)
# 添加查询参数
if request.query_string:
secure_url = f"{secure_url}?{request.query_string.decode('utf-8')}"
return redirect(secure_url, code=301)
return f(*args, **kwargs) return f(*args, **kwargs)
return decorated_function return decorated_function
return decorator return decorator