openstack
/
horizon
Code Issues Proposed changes

incorrect SSL header used in example config 

Updating the example local_settings.py to have HTTP_X_FORWARDED_PROTO in
addition to HTTP_X_FORWARDED_PROTOCOL.  Only Django 1.4 uses
HTTP_X_FORWARDED_PROTOCOL and Django 1.5 and up uses HTTP_X_FORWARDED_PROTO
which is probably the majority of installations.

Closes-bug: #1446836
Change-Id: Iebb854cf5e5586c6613b5755d4641ee896056334
This commit is contained in:
Alex Chan 2015-04-21 13:28:26 -07:00
parent a6748c94fd
commit 74b384b2fe
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
openstack_dashboard/local/local_settings.py.example
View File

@ -33,6 +33,8 @@ WEBROOT = '/'
# For more information see:
# https://docs.djangoproject.com/en/1.4/ref/settings/#secure-proxy-ssl-header
#SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
# https://docs.djangoproject.com/en/1.5/ref/settings/#secure-proxy-ssl-header
#SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
# If Horizon is being served through SSL, then uncomment the following two
# settings to better secure the cookies from security exploits