Subdomains use HTTPS if settings specify #3987
Conversation
|
👍 |
|
Would it be possible to have PUBLIC_DOMAIN_USES_HTTPS default to True for new RTD projects (and set to False for existing projects)? |
|
I think there's some confusion about what Some people run the readthedocs open source project on their own infrastructure. They may or may not have SSL certificates. Likewise if this code is run locally, it shouldn't generate a HTTPS link to localhost. That's why this will default to false. However, in production, this will be true. |
|
Ah, sorry, I thought it was a per-project setting. Never mind! |
The per project part of it is that it won't apply to people using custom domains until we can support Let's Encrypt. Then we'll just change this to always use HTTPS in production. |
| @override_settings( | ||
| PRODUCTION_DOMAIN='readthedocs.org', | ||
| PUBLIC_DOMAIN='readthedocs.io', | ||
| PUBLIC_DOMAIN_USES_HTTPS=True, |
There was a problem hiding this comment.
Instead of override this outside the method you may use with inside the method and test the same cases you are testing now, but using PUBLIC_DOMAIN_USES_HTTPS=False and test that in that case both are http
There was a problem hiding this comment.
That's a pretty good idea.
|
I'm wondering if I should somehow make the setting generic enough where it can later apply to custom domains or whether that will be a separate setting. |
I don't want to overengineer this for now. I think we'll decide that when we add Let's Encrypt support. Whether we need another setting or we slightly tweak the purpose of this one, I think it'll be fine. |
|
This should go out in a deploy early next week. 🎆 |
This PR adds an option
PUBLIC_DOMAIN_USES_HTTPSwhich if set will make all "view docs" links and everywhere that uses the resolver (eg. the version selector menu) default to HTTPS for*.readthedocs.iodomains. We know there is a valid certificate for these and so our generated links should use HTTPS.This is step 1/5 on on getting to HTTPS everywhere:
#3282 (comment)