fix: Set SECURE_PROXY_SSL_HEADER to trust X-Forwarded-Proto header

This fixes issues with Django failing to recognize we come from a secure https request.
munshkr · Feb 12, 2024 · 69c9b92 · 69c9b92
1 parent e7203c8
commit 69c9b92
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/muxy/settings.py b/muxy/settings.py
@@ -32,6 +32,11 @@
 
 ALLOWED_HOSTS = os.getenv("ALLOWED_HOSTS", "127.0.0.1,localhost").split(",")
 
+# For Docker, we need to trust the X-Forwarded-Proto header, otherwise
+# Django will not detect that the request is secure and will generate
+# http:// URLs.
+SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
+
 # Application definition
 
 INSTALLED_APPS = [