Bugfix endless redirect loop, by adding SECURE_PROXY_SSL_HEADER to settings

README.md

@@ -147,8 +147,10 @@ e.g.:
 
 ## history
 
-* [compare v0.2.0...master](https://github.com/jedie/django_yunohost_integration/compare/v0.2.0...master) **dev**
+* [compare v0.2.0...master](https://github.com/jedie/django_yunohost_integration/compare/v0.2.1...master) **dev**
   * tbc
+* [v0.2.1 - 16.09.2021](https://github.com/jedie/django_yunohost_integration/compare/v0.2.0...v0.2.1)
+  * Bugfix endless redirect loop, by adding `SECURE_PROXY_SSL_HEADER` to settings
 * [v0.2.0 - 15.09.2021](https://github.com/jedie/django_yunohost_integration/compare/v0.1.5...v0.2.0)
   * rename/split `django_ynh` into:
     * [django_yunohost_integration](https://github.com/jedie/django_yunohost_integration) - Python package with the glue code to integrate a Django project with YunoHost

django_yunohost_integration/__init__.py

@@ -1 +1 @@
-__version__ = '0.2.0'
+__version__ = '0.2.1'

django_yunohost_integration/base_settings.py

@@ -87,6 +87,10 @@
 # Mark session cookie as "secure" -> browsers sent cookie only with an HTTPS connection:
 SESSION_COOKIE_SECURE = True
 
+# HTTP header/value combination that signifies a request is secure
+# Your nginx.conf must set "X-Forwarded-Protocol" proxy header!
+SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
+
 # SecurityMiddleware should redirects all non-HTTPS requests to HTTPS:
 SECURE_SSL_REDIRECT = True
 

pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "django_yunohost_integration"
-version = "0.2.0"
+version = "0.2.1"
 description = "Glue code to package django projects as yunohost apps."
 authors = ["JensDiemer <git@jensdiemer.de>"]
 license = "GPL"