diff --git a/lib/galaxy/config/schemas/config_schema.yml b/lib/galaxy/config/schemas/config_schema.yml index aa7f4891936d..624b08cb8e66 100644 --- a/lib/galaxy/config/schemas/config_schema.yml +++ b/lib/galaxy/config/schemas/config_schema.yml @@ -1529,6 +1529,14 @@ mapping: desc: | Prefix to use in the formation of the subdomain or path for interactive tools + interactivetools_verify_ssl: + type: bool + default: false + required: false + desc: | + Do not mark interactive tool endpoint as active until an HTTPS connection + can be established + retry_interactivetool_metadata_internally: type: bool default: true diff --git a/lib/galaxy/managers/interactivetool.py b/lib/galaxy/managers/interactivetool.py index 8cec876ba561..ad04d610102a 100644 --- a/lib/galaxy/managers/interactivetool.py +++ b/lib/galaxy/managers/interactivetool.py @@ -6,6 +6,7 @@ urlunsplit, ) +import requests from sqlalchemy import ( or_, select, @@ -296,6 +297,18 @@ def remove_entry_point(self, entry_point, flush=True): self.sa_session.commit() self.propagator.remove_entry_point(entry_point) + def _ssl_check(self, url): + if self.app.config.interactivetools_verify_ssl: + try: + r = requests.get(url) + except requests.exceptions.SSLError: + return False + if r.status_code == 200: + return True + else: + return False + return True + def target_if_active(self, trans, entry_point): if entry_point.active and not entry_point.deleted: use_it_proxy_host_cfg = ( @@ -315,7 +328,9 @@ def target_if_active(self, trans, entry_point): if not use_it_proxy_host_cfg: return url_path - return urlunsplit((url_parts.scheme, url_host, url_path, "", "")) + end_url = urlunsplit((url_parts.scheme, url_host, url_path, "", "")) + if self._ssl_check(end_url): + return end_url def _get_entry_point_url_elements(self, trans, entry_point): encoder = IdAsLowercaseAlphanumEncodingHelper(trans.security)