New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a FORCE_URL_SCHEME option #481
Comments
I've just hit the problem that my application is generating a http url even though |
@pwaller Most likely a misconfiguration of your reverse-proxying. Check your WSGI environment with |
Hm. It's behind an amazon ELB. |
(And therefore I think that X-Forwarded-Proto should be set for us...) |
Yes, and you need to use the ProxyFix for this. The reason for this behavior not being the default is that this header might not be set in some configurations, in which case the HTTP client can forge this and related headers. |
Ah yes. Thanks :) |
It sounds like @pwaller's issue was resolved. But I assume this is still something we want to get working for 1.0? |
I think nowadays people use different means of enforcing HTTPS, so this might not be that necessary. Still a nice feature to have. |
I am at the pycon sprints, I am going to see if I can add a config flag for adding this. |
I don't really see the value here myself as it feels like something better handled at the webserver layer... my vote is to forgo this. |
It should be possible to force the URL scheme to https for all things. That includes URL generation as well as automatic redirect checks on all requests.
The text was updated successfully, but these errors were encountered: