From 6a7ebd7e7bd69159f59fb91f22209180ae823a65 Mon Sep 17 00:00:00 2001
From: Max Goodman <max@reddit.com>
Date: Wed, 25 May 2011 16:15:06 -0700
Subject: [PATCH] Load jQuery from a secure source on secure domains.

---
 r2/r2/controllers/reddit_base.py |  1 +
 r2/r2/lib/app_globals.py         |  3 +++
 r2/r2/lib/template_helpers.py    | 14 +++++++++-----
 3 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/r2/r2/controllers/reddit_base.py b/r2/r2/controllers/reddit_base.py
index 74d660f38..d6c764aab 100644
--- a/r2/r2/controllers/reddit_base.py
+++ b/r2/r2/controllers/reddit_base.py
@@ -685,6 +685,7 @@ class RedditController(MinimalController):
                 #can't handle broken cookies
                 request.environ['HTTP_COOKIE'] = ''
 
+        c.secure = request.host in g.secure_domains
         c.firsttime = firsttime()
 
         # the user could have been logged in via one of the feeds 
diff --git a/r2/r2/lib/app_globals.py b/r2/r2/lib/app_globals.py
index 8467168ca..b9f83a506 100644
--- a/r2/r2/lib/app_globals.py
+++ b/r2/r2/lib/app_globals.py
@@ -24,6 +24,7 @@ from pylons import config
 import pytz, os, logging, sys, socket, re, subprocess, random
 import signal
 from datetime import timedelta, datetime
+from urlparse import urlparse
 from pycassa.pool import ConnectionPool as PycassaConnectionPool
 from r2.lib.cache import LocalCache, SelfEmptyingCache
 from r2.lib.cache import CMemcache, StaleCacheChain
@@ -273,6 +274,8 @@ class Globals(object):
 
         self.paths = paths
 
+        self.secure_domains = set([urlparse(self.payment_domain).hostname])
+
         # load the md5 hashes of files under static
         static_files = os.path.join(paths.get('static_files'), 'static')
         self.static_md5 = {}
diff --git a/r2/r2/lib/template_helpers.py b/r2/r2/lib/template_helpers.py
index 6264051f2..555cf2adb 100644
--- a/r2/r2/lib/template_helpers.py
+++ b/r2/r2/lib/template_helpers.py
@@ -60,17 +60,21 @@ def static(file):
         
     return os.path.join(c.site.static_path, file) + v
 
+
+external_resources = {
+    "jquery.js": {
+        True:  lambda: static("jquery.js"),
+        False: lambda: "http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"
+    }
+}
+
 def external(name):
     """
     Look up a named external URL from a static mapping. Helper for making
     frequently used URLs consistent across templates.
     """
 
-    resources = {
-        "jquery.js": "http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js",
-    }
-
-    return resources[name]
+    return external_resources[name][c.secure]()
 
 def generateurl(context, path, **kw):
     if kw: