Mercurial > kallithea
comparison docs/setup.rst @ 4448:8e26c46e9abe
https: introduce https_fixup config setting to enable the special https hacks
Without https_fixup, correctly configured WSGI systems work correctly.
The https_fixup middleware will only be loaded when enabled in the configuration.
| author | Mads Kiilerich <madski@unity3d.com> |
|---|---|
| date | Tue, 12 Aug 2014 13:08:23 +0200 |
| parents | e73a69cb98dc |
| children | a68fc4abeda3 |
comparison
equal
deleted
inserted
replaced
| 4447:e30401bac6e1 | 4448:8e26c46e9abe |
|---|---|
| 512 user that Kallithea runs. | 512 user that Kallithea runs. |
| 513 | 513 |
| 514 HTTPS support | 514 HTTPS support |
| 515 ------------- | 515 ------------- |
| 516 | 516 |
| 517 There are two ways to enable https: | 517 Kallithea will by default generate URLs based on the WSGI environment. |
| 518 | 518 |
| 519 - Set HTTP_X_URL_SCHEME in your http server headers, than Kallithea will | 519 Alternatively, you can use some special configuration settings to control |
| 520 recognize this headers and make proper https redirections | 520 directly which scheme/protocol Kallithea will use when generating URLs: |
| 521 - Alternatively, change the `force_https = true` flag in the ini configuration | 521 |
| 522 to force using https, no headers are needed than to enable https | 522 - With `https_fixup = true`, the scheme will be taken from the HTTP_X_URL_SCHEME, |
| 523 | 523 HTTP_X_FORWARDED_SCHEME or HTTP_X_FORWARDED_PROTO HTTP header (default 'http'). |
| 524 - With `force_https = true` the default will be 'https'. | |
| 525 - With `use_htsts = true`, it will set Strict-Transport-Security when using https. | |
| 524 | 526 |
| 525 Nginx virtual host example | 527 Nginx virtual host example |
| 526 -------------------------- | 528 -------------------------- |
| 527 | 529 |
| 528 Sample config for nginx using proxy:: | 530 Sample config for nginx using proxy:: |