Changes between Version 5 and Version 6 of Ticket #27961


Ignore:
Timestamp:
03/23/2017 11:06:58 AM (21 months ago)
Author:
Tim Graham
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #27961 – Description

    v5 v6  
    221. Both default settings:
    33Nginx setting: `proxy_set_header X-Forwarded-Proto $scheme;`
    4 Django setting: ~~`HTTP_X_FORWARDED_PROTO=None`~~ `SECURE_PROXY_SSL_HEADER = None`
     4Django setting: `SECURE_PROXY_SSL_HEADER = None`
    55Result: ''No redirect.'' I'm not getting a ''ERR_TOO_MANY_REDIRECTS'' complain from Chrome.
    66
    772. Use default setting in nginx; use a wrong setting in Django, i.e. the 'httpsssss' part:
    88`proxy_set_header X-Forwarded-Proto $scheme;`
    9 ~~`HTTP_X_FORWARDED_PROTO='httpssssssss'`~~ SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'httpssssssss')
     9`SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'httpssssssss')`
    1010''No redirect.''
    1111
    12123. Use default setting in nginx; use a wrong setting in Django:
    1313`proxy_set_header X-Forwarded-Proto $scheme;`
    14 ~~`HTTP_X_FORWARDED_PROTASDF='httpssssssss'`~~ SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTASDF', 'httpssssssss')
     14`SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTASDF', 'httpssssssss')`
    1515''No redirect.''
    1616
    17174. Use custom HTTPS indicator in both nginx and Django:
    1818proxy_set_header X-Forwarded-Protooo $scheme;
    19 ~~`HTTP_X_FORWARDED_PROTOOO='https'`~~ SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOOO', 'https')
     19`SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOOO', 'https')`
    2020''No redirect.'' This is the expected behavior.
    2121
    22225. Use custom HTTPS indicator in both nginx and Django, and testing for a unsafe protocol ( != 'https'):
    2323proxy_set_header X-Forwarded-Protooo $scheme;
    24 ~~`HTTP_X_FORWARDED_PROTOOO='httpsssss'`~~ SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOOO', 'httpsssss')
     24`SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOOO', 'httpsssss')`
    2525Chrome complains ''ERR_TOO_MANY_REDIRECTS''. This is the expected behavior.
    2626
    27276. A fix testing by myself:
    28 Add an else clause under [these lines](https://github.com/django/django/blob/master/django/http/request.py#L196-L197).
     28Add an else clause under [https://github.com/django/django/blob/001cf53280f7e2b72199237f37c340d2639fe143/django/http/request.py#L196-L197 these lines].
    2929
    3030{{{
     
    3535And set:
    3636`proxy_set_header X-Forwarded-Proto $scheme;`
    37 ~~`HTTP_X_FORWARDED_PROTO='httpssssssss'`~~ SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'httpssssssss')
     37`SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'httpssssssss')`
    3838Chrome would report the expected ''ERR_TOO_MANY_REDIRECTS''.
    3939 
Back to Top