Load jQuery from a secure source on secure domains.

r2/r2/controllers/reddit_base.py

@@ -685,6 +685,7 @@ class RedditController(MinimalController):
                 #can't handle broken cookies
                 request.environ['HTTP_COOKIE'] = ''
 
+        c.secure = request.host in g.secure_domains
         c.firsttime = firsttime()
 
         # the user could have been logged in via one of the feeds 

r2/r2/lib/app_globals.py

@@ -24,6 +24,7 @@ from pylons import config
 import pytz, os, logging, sys, socket, re, subprocess, random
 import signal
 from datetime import timedelta, datetime
+from urlparse import urlparse
 from pycassa.pool import ConnectionPool as PycassaConnectionPool
 from r2.lib.cache import LocalCache, SelfEmptyingCache
 from r2.lib.cache import CMemcache, StaleCacheChain
@@ -273,6 +274,8 @@ class Globals(object):
 
         self.paths = paths
 
+        self.secure_domains = set([urlparse(self.payment_domain).hostname])
+
         # load the md5 hashes of files under static
         static_files = os.path.join(paths.get('static_files'), 'static')
         self.static_md5 = {}

r2/r2/lib/template_helpers.py

@@ -60,17 +60,21 @@ def static(file):
         
     return os.path.join(c.site.static_path, file) + v
 
+
+external_resources = {
+    "jquery.js": {
+        True:  lambda: static("jquery.js"),
+        False: lambda: "http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"
+    }
+}
+
 def external(name):
     """
     Look up a named external URL from a static mapping. Helper for making
     frequently used URLs consistent across templates.
     """
 
-    resources = {
-        "jquery.js": "http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js",
-    }
-
-    return resources[name]
+    return external_resources[name][c.secure]()
 
 def generateurl(context, path, **kw):
     if kw: