id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
6548	django behind apache ssl proxy	laureline.guerin@…	nobody	"I've seen some code in {{{http/__init__.py:get_host}}} function to handle X-FORWARDED-HOST that could be added by an apache proxy.

Unfortunately, there is no way to determine if proxy is acceded in https or http, so an issue occures when django wants to build an url for some Redirect : the url is built using the X-FORWARDED-HOST, but always assume that the proxy is non-SSL.

I think there could be some solutions to solve this issue :
 * Remove test for X-FORWARDED-HOST in get_host, apache mod_proxy is designed to rewrite Location headers (used in redirect)
 * If some people want to have X-FORWARDED-HOST handled in get_host, then add a setting to enable or disable it
 * add a setting like 'HTTPS_PROXY=on' that would work like HTTPS=ON"		closed	HTTP handling	dev		duplicate		anball@…	Design decision needed	0	0	0	0	0	0