#16046: Document best practices around using request.is_secure() in reverse proxy environments -------------------------------------+------------------------------------- Reporter: | Owner: nobody adamnelson | Status: new Type: | Component: Documentation Cleanup/optimization | Severity: Normal Milestone: | Keywords: Version: 1.3 | Has patch: 0 Resolution: | Needs tests: 0 Triage Stage: | Easy pickings: 0 Someday/Maybe | Needs documentation: 0 | Patch needs improvement: 0 | -------------------------------------+-------------------------------------
Comment (by adamnelson): django-heroism uses two headers, 'X-Forwarded-Protocol' for what you say, and then X-Magic-Header with a secret value for validation that the headers have not been tampered with. This solves the problem you bring up. -- Ticket URL: <http://code.djangoproject.com/ticket/16046#comment:2> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-updates@googlegroups.com. To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-updates?hl=en.