diff --git a/TODO.md b/TODO.md index a2b33aa4f3216c4952987a170eb50e43d1536dec..e965271d8f46e639bc728e56e9c03d3c1a0a9141 100644 --- a/TODO.md +++ b/TODO.md @@ -1,6 +1,6 @@ # To-do -* remove `ForceCanonicalHostnameMiddleware` by ensuring canonical redirect and HTTPS redirect is done by Apache +* ask Denver about why so many license files * serve a 400 in Apache for a hostname we don't explicitly support * use `` elements for supporter page hidden sections, rather than complex jQuery - or consider Alpine.js * replace `internalNavigate` with inline flexbox layout @@ -9,6 +9,7 @@ # Done +* remove `ForceCanonicalHostnameMiddleware` by ensuring canonical redirect and HTTPS redirect is done by Apache * standardise settings to replace `settings.py` and `djangocommonsettings.py` with `settings/prod.py` and move `SECRET_KEY` to an environment variable * migrate to Django 4.2 LTS diff --git a/conservancy/blog/views.py b/conservancy/blog/views.py index 4d3cdc9da530ee00b499a596c9e7c9c614531b0f..3fc71f79782b45fcf25ecc171d159f19b8d5f055 100644 --- a/conservancy/blog/views.py +++ b/conservancy/blog/views.py @@ -114,11 +114,8 @@ def query(request): def relative_redirect(request, path): from django import http - from django.conf import settings host = request.get_host() - if settings.FORCE_CANONICAL_HOSTNAME: - host = settings.FORCE_CANONICAL_HOSTNAME url = "{}://{}{}".format(request.is_secure() and 'https' or 'http', host, path) return http.HttpResponseRedirect(url) diff --git a/conservancy/local_context_processors.py b/conservancy/local_context_processors.py index 9e9499e1507afbee6349c2a6b4e03bf0711739b6..0f14fbe6ccdd87d7fdf617676c953299aa719957 100644 --- a/conservancy/local_context_processors.py +++ b/conservancy/local_context_processors.py @@ -1,7 +1,5 @@ from datetime import datetime as DateTime -from django.conf import settings - from .fundgoal.models import FundraisingGoal SITE_FUNDGOAL = 'cy2023-end-year-match' @@ -19,10 +17,5 @@ def sitefundraiser(request): 'sitefundgoal': fundgoal_lookup(SITE_FUNDGOAL), } -if settings.FORCE_CANONICAL_HOSTNAME: - _HOST_URL_VAR = {'host_url': 'https://' + settings.FORCE_CANONICAL_HOSTNAME} - def host_url(request): - return _HOST_URL_VAR -else: - def host_url(request): - return {'host_url': request.build_absolute_uri('/').rstrip('/')} +def host_url(request): + return {'host_url': request.build_absolute_uri('/').rstrip('/')} diff --git a/conservancy/middleware.py b/conservancy/middleware.py deleted file mode 100644 index 17f9528318acb38f668730dca4bdc1661463e6dc..0000000000000000000000000000000000000000 --- a/conservancy/middleware.py +++ /dev/null @@ -1,60 +0,0 @@ -from django import http -from django.conf import settings -from django.utils.cache import patch_response_headers -from django.utils.deprecation import MiddlewareMixin - - -class ForceCanonicalHostnameMiddleware(MiddlewareMixin): - # MiddlewareMixin provides compatiiblity for Django 1.10 style middleware. - - def process_request(self, request): - """Modified common middleware for Conservancy site - - * Performs redirects to strip trailing "index.html" - * performs redirects based on APPEND_SLASH - * performs redirects based on site-specific REDIRECT_TABLE - * adds cache headers to provide hints to squid - """ - - # Never allow connection to the /admin part of the site without SSL - if (not request.is_secure) and request.path.startswith('/admin'): - url = 'https://sfconservancy.org%s' % request.path - return http.HttpResponseRedirect(url) - - # Check for a redirect based on settings.APPEND_SLASH - host = request.get_host() - old_url = [host, request.path] - new_url = old_url[:] - # Append a slash if append_slash is set and the URL doesn't have a - # trailing slash or a file extension. - if settings.APPEND_SLASH and (old_url[1][-1] != '/') and ('.' not in old_url[1].split('/')[-1]): - new_url[1] = new_url[1] + '/' - if settings.DEBUG and request.method == 'POST': - raise(RuntimeError, "You called this URL via POST, but the URL doesn't end in a slash and you have APPEND_SLASH set. Django can't redirect to the slash URL while maintaining POST data. Change your form to point to {}{} (note the trailing slash), or set APPEND_SLASH=False in your Django settings.".format(new_url[0], new_url[1])) - # Strip trailing index.html - if new_url[1].endswith('/index.html'): - new_url[1] = new_url[1][:new_url[1].rfind('index.html')] - # Consult redirect table (if exists) - if hasattr(settings, "REDIRECT_TABLE"): - if new_url[1] in settings.REDIRECT_TABLE: - new_url[1] = settings.REDIRECT_TABLE[new_url[1]] - if new_url != old_url: - # Force canonical hostname - if settings.FORCE_CANONICAL_HOSTNAME: - new_url[0] = settings.FORCE_CANONICAL_HOSTNAME - # Redirect - if new_url[0]: - newurl = "{}://{}{}".format(request.is_secure() and 'https' or 'http', new_url[0], new_url[1]) - else: - newurl = new_url[1] - if request.GET: - newurl += '?' + request.GET.urlencode() - return http.HttpResponseRedirect(newurl) - - return None - - def process_response(self, request, response): - # provide hints to squid - if request.method in ('GET', 'HEAD') and response.status_code == 200: - patch_response_headers(response) - return response diff --git a/conservancy/podjango/views.py b/conservancy/podjango/views.py index ae81663db3bd052fc5141672860717e6c65b7444..24ea7e782b18f8c2653180532565c8e7820e8330 100644 --- a/conservancy/podjango/views.py +++ b/conservancy/podjango/views.py @@ -105,11 +105,8 @@ def query(request): def relative_redirect(request, path): from django import http - from django.conf import settings host = http.get_host(request) - if settings.FORCE_CANONICAL_HOSTNAME: - host = settings.FORCE_CANONICAL_HOSTNAME url = "%s://%s%s" % (request.is_secure() and 'https' or 'http', host, path) return http.HttpResponseRedirect(url) diff --git a/conservancy/settings/base.py b/conservancy/settings/base.py index 611ce1a01ff7d7a5a5de35da62a581916f577df8..5f2edf1a126d809b4853e27103f148c9b45fd679 100644 --- a/conservancy/settings/base.py +++ b/conservancy/settings/base.py @@ -22,10 +22,6 @@ from pathlib import Path SITE_ID = 2 ROOT_URLCONF = 'conservancy.urls' -REDIRECT_TABLE = { - 'www.sf-conservancy.org': 'sfconservancy.org', -} - LOGGING = { 'version': 1, 'disable_existing_loggers': False, @@ -136,7 +132,6 @@ MIDDLEWARE = [ 'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', - 'conservancy.middleware.ForceCanonicalHostnameMiddleware', ] USETHESOURCE = { diff --git a/conservancy/settings/dev.py b/conservancy/settings/dev.py index b77d2d078cc4ab80089df86ee8f3af0395a6565f..8a20d6c9564f3e821bd57718bca5988fd6e23106 100644 --- a/conservancy/settings/dev.py +++ b/conservancy/settings/dev.py @@ -3,8 +3,6 @@ from .base import * DEBUG = True ALLOWED_HOSTS = ['*'] -FORCE_CANONICAL_HOSTNAME = False - DATABASES = { 'default': { 'NAME': 'conservancy-website.sqlite3', diff --git a/conservancy/settings/prod.py b/conservancy/settings/prod.py index 365d1ff84b20217fd77802a661b0a1482e5fd212..1a0329557027985cdc2816e279f46cb40ee2624c 100644 --- a/conservancy/settings/prod.py +++ b/conservancy/settings/prod.py @@ -7,8 +7,6 @@ from .base import * DEBUG = False ALLOWED_HOSTS = ['www.sfconservancy.org', 'sfconservancy.org'] -FORCE_CANONICAL_HOSTNAME = 'sfconservancy.org' - ADMINS = [ ('Bradley M. Kuhn', 'sysadmin@sfconservancy.org'), ('Ben Sturmfels', 'sysadmin+conservancy@sturm.com.au'),