fixed in latest head : pass an Http header to gunicorn :

X-Forwarded-Protocol=https or X-Forwarded-Ssl=on

Thanks for the feedback.

• benoit

I set the X-Forwarded-Protocol to https in nginx config. I see that request.META.get('HTTP_X_FORWARDED_PROTOCOL') returns 'https'. But request.is_secure() is still false. Is it ok to write a decorator to check HTTP_X_FORWARDED_PROTOCOL and perform redirects to https ? or is there is a plan to get is_secure working in future.

Try adding the X-Forwarded-Ssl=on too.

what are the worker and gunicorn version you're using ? What is the result of wsgi.url_scheme ? Please open a new issue about it btw.

Oh it seems that your http headers are wrong. To have wsgi.url_scheme = "https" use X-Forwarded-Protocol: ssl or X-Forwarded-Ssl: on headers.

I am using gunicorn 0.10 (yesterday's master). Currently my wsgi.url_scheme is http. I ll set the X-Forwarded-Protocol to ssl and let you how it works.

Alright I configured nginx to set X-Forwarded-Protocol one time and X-Forwarded-Ssl the other time.

request.is_secure() is false in both cases. However this how request.META has

'HTTP_X_FORWARDED_PROTOCOL': 'ssl',
'wsgi.url_scheme': 'http',
'HTTP_X_FORWARDED_SSL': 'on'

which worker ?

Perhaps even more importantly, which version of Django? I'm almost positive that request.is_secure() has changed in the last few releases, we had a similar problem.

Sorry for the delay. I tried to push SSL on our prod servers and had problems with the config. Had to rollback. I will post my config in the next couple of days and explain in detail

I just stumbled upon this thread, i thought this might be relevant: http://github.com/rossdakin/django-heroism

Relevant Django ticket: http://code.djangoproject.com/ticket/14597