How does Pyramid know what protocol to render on request.static_url?

Question

Suppose I have a template that has this line:

<script src="${request.static_url('appname:static/app/scripts/somescript.js')}"></script>

I have 2 environments. On one env when you request the page using https - request.static_url renders https script src. On the second env - when I request the page using https - it renders http for some reason. Chrome then throws errors because the page wants to download scripts using http on a page that was loaded with https.

Where does Pyramid take the protocol from? How do I make it take the protocol the page was loaded with?

I know that I can give the add_static_view an absolute url but I prefer a cleaner solution of course.

Answer 1

Pyramid uses the WSGI environment to get the wsgi.url_scheme. You may learn more about the WSGI environment on https://WSGI.org.

The environment in Pyramid comes from the Request object, and is available within your application as request.environ. It's a dictionary, and thus you can get the current URL scheme with:

request.environ['wsgi.url_scheme']

It is up to the application server to properly build the WSGI environment upon receiving an incoming request. This can cause problems if for example you are using a reverse proxy, and don't properly pass along the scheme used to connect to the reverse proxy.

Waitress, the WSGI server used by default by Pyramid has good documentation on middleware that can help solve that problem: http://waitress.readthedocs.org/en/latest/#using-behind-a-reverse-proxy