Re: [Django] #35800: Clarify SECURE_PROXY_SSL_HEADER as it relates to the wsgi.url_scheme environ

[Django]

#35800: Clarify SECURE_PROXY_SSL_HEADER as it relates to the wsgi.url_scheme
environ
-------------------------------------+-------------------------------------
     Reporter:  Klaas van Schelven   |                    Owner:  (none)
         Type:                       |                   Status:  closed
  Cleanup/optimization               |
    Component:  HTTP handling        |                  Version:  5.1
     Severity:  Normal               |               Resolution:
                                     |  worksforme
     Keywords:                       |             Triage Stage:
                                     |  Unreviewed
    Has patch:  0                    |      Needs documentation:  0
  Needs tests:  0                    |  Patch needs improvement:  0
Easy pickings:  0                    |                    UI/UX:  0
-------------------------------------+-------------------------------------
Comment (by Klaas van Schelven):

 I don't think I've made myself clear. you may read the first sentence of
 my issue-report as:

 > Looking at the documentation of
 [https://docs.djangoproject.com/en/5.1/ref/settings/#secure-proxy-ssl-
 header SECURE_PROXY_SSL_HEADER] it seems this is an absolutely required
 setting to get `is_secure` working correctly when behind a proxy **and
 this proxy communicates with the backend server over a different protocol
 as it uses to communicate with the end-user.**

 That is, I understand the part of the docs where it says the proxy *may*
 be swallowing https perfectly well... and I agree it's correct.

 My issue is with what follows: I don't see any indication in the docs that
 if such swallowing happens, things could still magically work out. I gave
 one such path: inspecting ​wsgi.url_scheme by Django, and setting it by
 Gunicorn.

 Having said that... I've said what I wanted to say here; perhaps it will
 be useful to others in the future.
-- 
Ticket URL: <https://code.djangoproject.com/ticket/35800#comment:2>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/010701924451d0bf-9893f5b0-3dab-4df9-8883-4df6ce54bddc-000000%40eu-central-1.amazonses.com.