id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
12043	Incorrect redirect to http instead of https	admin@…	nobody	"
To reproduce on a secure django website - Django (1.1)/mod_wsgi (2.5)/Python (2.5):

  1. Verify that https://secure.example.com/admin/ works
  2. Now try https://secure.example.com/admin
  3. Note that it has redirected to http://secure.example.com/admin instead of https://secure.example.com/admin/

This also happens in various other circumstances where Django decides to do a redirect for you.  E.g. after logging out and back in.

This is probably caused by [http://code.djangoproject.com/changeset/3410 changeset 3410] - fix for [http://code.djangoproject.com/ticket/2092 ticket 2092].  Please take a look at these for insight.

Humorous note: The following rather dubious hack works great for me because all of my pages are https :)

{{{
    # Not recommended for general use!
    def is_secure(self):
        return True
}}}

The correct fix will involve figuring out the correct detection of the url scheme in all cases.

"	Uncategorized	closed	Core (Other)	1.1	Normal	invalid	redirect http https		Unreviewed	0	0	0	0	0	0