Showing
1 changed file
with
13 additions
and
4 deletions
| 1 | -from flask import request, redirect | 1 | +from flask import request, redirect, url_for |
| 2 | from functools import wraps | 2 | from functools import wraps |
| 3 | import bleach | 3 | import bleach |
| 4 | from utils.logger import app_logger as logging | 4 | from utils.logger import app_logger as logging |
| @@ -23,9 +23,18 @@ def require_https(): | @@ -23,9 +23,18 @@ def require_https(): | ||
| 23 | def decorator(f): | 23 | def decorator(f): |
| 24 | @wraps(f) | 24 | @wraps(f) |
| 25 | def decorated_function(*args, **kwargs): | 25 | def decorated_function(*args, **kwargs): |
| 26 | - if not request.is_secure and not request.is_localhost: | ||
| 27 | - url = request.url.replace('http://', 'https://', 1) | ||
| 28 | - return redirect(url, code=301) | 26 | + if not request.is_secure and not getattr(request, 'is_localhost', False): |
| 27 | + # 使用 _external=True 和 _scheme='https' 生成完整的 HTTPS URL | ||
| 28 | + secure_url = url_for( | ||
| 29 | + request.endpoint, | ||
| 30 | + _external=True, | ||
| 31 | + _scheme='https', | ||
| 32 | + **request.view_args | ||
| 33 | + ) | ||
| 34 | + # 添加查询参数 | ||
| 35 | + if request.query_string: | ||
| 36 | + secure_url = f"{secure_url}?{request.query_string.decode('utf-8')}" | ||
| 37 | + return redirect(secure_url, code=301) | ||
| 29 | return f(*args, **kwargs) | 38 | return f(*args, **kwargs) |
| 30 | return decorated_function | 39 | return decorated_function |
| 31 | return decorator | 40 | return decorator |
-
Please register or login to post a comment