mirror of
https://github.com/bookwyrm-social/bookwyrm.git
synced 2024-12-25 17:40:35 +00:00
set HTTP_X_FORWARDED_PROTO in .env
This fixes #2397. The description in .env is whith a warning and a link to the official documentation about what this setting is doing if set to true.
This commit is contained in:
parent
c5fb710f29
commit
238a1b0e88
2 changed files with 10 additions and 0 deletions
|
@ -108,3 +108,10 @@ OTEL_EXPORTER_OTLP_ENDPOINT=
|
|||
OTEL_EXPORTER_OTLP_HEADERS=
|
||||
# Service name to identify your app
|
||||
OTEL_SERVICE_NAME=
|
||||
|
||||
# Set HTTP_X_FORWARDED_PROTO ONLY to true if you know what you are doing.
|
||||
# Only use it if your proxy is "swalloing" if the original request was made
|
||||
# via https. Please refer to the Django-Documentation and assess the risks
|
||||
# for your instance:
|
||||
# https://docs.djangoproject.com/en/3.2/ref/settings/#secure-proxy-ssl-header
|
||||
HTTP_X_FORWARDED_PROTO=false
|
||||
|
|
|
@ -364,3 +364,6 @@ OTEL_EXPORTER_OTLP_HEADERS = env("OTEL_EXPORTER_OTLP_HEADERS", None)
|
|||
OTEL_SERVICE_NAME = env("OTEL_SERVICE_NAME", None)
|
||||
|
||||
TWO_FACTOR_LOGIN_MAX_SECONDS = 60
|
||||
|
||||
if HTTP_X_FORWARDED_PROTO:
|
||||
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
|
||||
|
|
Loading…
Reference in a new issue