[Catalyst-dev] Re: The RequireSSL problem

Aristotle Pagaltzis pagaltzis at gmx.de
Wed Dec 26 18:25:17 GMT 2012 

* Jesse Sheidlower <jester at panix.com> [2012-12-26 15:45]:
> On Wed, Dec 26, 2012 at 03:19:42AM +0100, Aristotle Pagaltzis wrote:
> > I extracted Plack::Middleware::RedirectSSL just the other day from
> > the $work code base and released it to the CPAN tonight. Will that
> > fit your bill?
>
> Not sure--I don't use Plack directly and can't quickly learn enough
> about it to see--but it seems to me that this will just change _all_
> requests to one scheme or another. What I need, and what I'd imagine
> most people would want, is the ability to handle this in a Catalyst
> controller, on an as-needed basis.

It will indeed change all of them. Though if you want to redirect some
part of your URL space only, or only a particular host, etc., you can
always wrap it in Plack::Middleware::Conditional to limit it to those
parts of your app.

If you needs are more dynamic, though – if sometimes you want the same
URL served under SSL and sometimes not –, then doing it at the level of
Catalyst actions is probably going to be easier.

For me that is not the case. I have one host for the main app which is
supposed to run all-HTTPS, a bunch of other hosts that are open to the
general public and are supposed to be HTTP, and some hosts for assets
which are used from both the private and public parts of the app and
must therefore respond to both protocols. So I have 3 different PSGI
apps – one Cat app for the login-only site, one Cat app for the public
sites, and Plack::App::File for the assets – and my two Cat apps are
both wrapped in RedirectSSL middlewares (one of them with ssl=1 and one
with ssl=0), and the entire conglomerate is bound together using
a Plack::App::URLMap that does the host-based dispatching for me.

So for certain shapes of complexity, you can handle those very well at
the PSGI layer – arguably much better than at the Catalyst action level.
(I am a lot happier now than I was before when I was doing all the same
thing (minus asset hosts) entirely within a single Cat app, and had to
go out of my way to twist the Cat dispatcher into it.)

It really depends on what exactly you need to do.

Regards,
-- 
Aristotle Pagaltzis // <http://plasmasturm.org/>

More information about the Catalyst-dev mailing list