id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
29033	Sitemap framework does not properly detect secure requests	Matt Magin	nobody	"Django settings provides the option of overriding the detected protocol by setting SECURE_PROXY_SSL_HEADER, however contrib.sitemaps just defaults to 'http' if the protocol in the Sitemap class is not overridden. 

Ideally contrib.sitemaps would use the request.is_secure() method to detect the protocol in the request and default to that instead.

I would be happy to provide a patch but I feel some discussion is required. The sitemap.xml views are easily fixed, however complexity is added when updating the defaults in get_urls on the Sitemap object as it doesn't have access to the request object. "	Bug	closed	contrib.sitemaps	2.0	Normal	needsinfo			Unreviewed	0	0	0	0	0	0