search

not-kennethreitz / flask-sslify

Force SSL on your Flask app.
https://pypi.python.org/pypi/Flask-SSLify
BSD 2-Clause "Simplified" License
504 stars 85 forks source link

Non GET requests redirect to GET #52

Closed reubano closed 7 years ago

reubano commented 7 years ago

It appears that requests other than GET are converted to GET requests... Example from my heroku log

Aug 30 08:43:18 app/router: at=info method=DELETE path="/v2/feed?source=test" host=app.herokuapp.com request_id=xxx fwd="xxx" dyno=web.1 connect=1ms service=11ms status=302 bytes=592 protocol=http 
Aug 30 08:43:19 app/router: at=info method=GET path="/v2/feed?source=test" host=app.herokuapp.com request_id=xxx fwd="xxx" dyno=web.1 connect=1ms service=18ms status=200 bytes=15801 protocol=https
kennethreitz commented 7 years ago

That's how 301's work.

kennethreitz commented 7 years ago

https://tools.ietf.org/html/rfc2616#section-10.3.2

reubano commented 7 years ago

TIL

kennethreitz commented 7 years ago

✨🍰✨

Kobzol commented 6 years ago

Flask SSLify could use 303 or 307 redirects to make non-GET request redirection work.

kennethreitz commented 6 years ago

those didn't exist when this was written