Set SECURE_PROXY_SSL_HEADER appropriately in settings (#1767)

2026-01-19 04:42:17 +00:00 · 2025-05-05 14:05:04 -04:00
parent e00d6a7cfb
commit 25dab4a174
2 changed files with 6 additions and 12 deletions
--- a/config/settings.py
+++ b/config/settings.py
@@ -388,20 +388,11 @@ if LOCAL_DEVELOPMENT:
        ]


-# Allow Allauth to use HTTPS when deployed but HTTP for local dev
-SECURE_PROXY_SSL_HEADER_NAME = env("SECURE_PROXY_SSL_HEADER_NAME", default=None)
-SECURE_PROXY_SSL_HEADER_VALUE = env("SECURE_PROXY_SSL_HEADER_VALUE", default=None)
-SECURE_SSL_REDIRECT = env("SECURE_SSL_REDIRECT", default=False)
-
 if not LOCAL_DEVELOPMENT:
    ACCOUNT_DEFAULT_HTTP_PROTOCOL = "https"
-
-if all(
-    [SECURE_PROXY_SSL_HEADER_NAME, SECURE_PROXY_SSL_HEADER_VALUE, SECURE_SSL_REDIRECT]
-):
    SECURE_PROXY_SSL_HEADER = (
-        SECURE_PROXY_SSL_HEADER_NAME,
-        SECURE_PROXY_SSL_HEADER_VALUE,
+        "HTTP_X_FORWARDED_PROTO",
+        ACCOUNT_DEFAULT_HTTP_PROTOCOL,
    )

 # Admin banner configuration
--- a/core/views.py
+++ b/core/views.py
@@ -585,6 +585,10 @@ class ModernizedDocsView(View):
    """Special case view for handling sub-pages of the Boost.Preprocessor docs."""

    def get(self, request, content_path):
+        # Temporary log
+        logger.info(f"{request.is_secure() = }")
+        logger.info(f"{request.META.get('HTTP_X_FORWARDED_PROTO') = }")
+
        soup, response = self._load_and_transform_html(content_path, request)
        if response:
            return response  # Early return for non-HTML content
@@ -594,7 +598,6 @@ class ModernizedDocsView(View):
        self._inject_script(soup)

        html = str(soup)
-        print(f"Returning {len(html)} bytes of transformed HTML")
        return HttpResponse(html, content_type="text/html")

    def _load_and_transform_html(self, content_path, request):