Skip to content

Commit

Permalink
feat: recognize HTTPS via proxy (#7765)
Browse files Browse the repository at this point in the history
* feat: set SECURE_PROXY_SSL_HEADER

* chore: update comment
  • Loading branch information
jennifer-richards authored Aug 5, 2024
1 parent 0b445a9 commit b13a606
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions k8s/settings_local.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,13 @@ def _multiline_to_list(s):
# Default to "development". Production _must_ set DATATRACKER_SERVER_MODE="production" in the env!
SERVER_MODE = os.environ.get("DATATRACKER_SERVER_MODE", "development")

# Use X-Forwarded-Proto to determine request.is_secure(). This relies on CloudFlare overwriting the
# value of the header if an incoming request sets it, which it does:
# https://developers.cloudflare.com/fundamentals/reference/http-request-headers/#x-forwarded-proto
# See also, especially the warnings:
# https://docs.djangoproject.com/en/dev/ref/settings/#secure-proxy-ssl-header
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")

# Secrets
_SECRET_KEY = os.environ.get("DATATRACKER_DJANGO_SECRET_KEY", None)
if _SECRET_KEY is not None:
Expand Down

1 comment on commit b13a606

@Javs33

This comment was marked as spam.

Please sign in to comment.