Flask Snippets

Snippets are unofficial and unmaintained.

This is an archived view of user-submitted snippets. Despite being hosted on the Flask site, they are not official. No Flask maintainer has curated or checked the snippets for security, correctness, or design.

How to serve HTTPS *directly* from Flask (no nginx, no apache, no gunicorn)

Posted by 0byte on 2013-05-03 @ 13:42 and filed in Security

This is a great tip for debugging your HTTPS-enabled application.

Create a SSL context (http://werkzeug.pocoo.org/docs/serving/)

from OpenSSL import SSL
context = SSL.Context(SSL.SSLv23_METHOD)
context.use_privatekey_file('yourserver.key')
context.use_certificate_file('yourserver.crt')

then

app.run(host='127.0.0.1',port='12344', 
        debug = False/True, ssl_context=context)

Linux-related:

there is a confirmed bug in pyOpenSSL that generates a runtime error: https://bugs.launchpad.net/pyopenssl/+bug/900792

The workaround is to put these 2 lines in werkzeug/serving.py

in class BaseWSGIServer(HTTPServer, object):
...
 def shutdown_request(self,request):
        request.shutdown()

enjoy,

0byte

This snippet by 0byte can be used freely for anything you like. Consider it public domain.

Comments