Mercurial > kallithea
comparison docs/setup.rst @ 4448:8e26c46e9abe
https: introduce https_fixup config setting to enable the special https hacks
Without https_fixup, correctly configured WSGI systems work correctly.
The https_fixup middleware will only be loaded when enabled in the configuration.
author | Mads Kiilerich <madski@unity3d.com> |
---|---|
date | Tue, 12 Aug 2014 13:08:23 +0200 |
parents | e73a69cb98dc |
children | a68fc4abeda3 |
comparison
equal
deleted
inserted
replaced
4447:e30401bac6e1 | 4448:8e26c46e9abe |
---|---|
512 user that Kallithea runs. | 512 user that Kallithea runs. |
513 | 513 |
514 HTTPS support | 514 HTTPS support |
515 ------------- | 515 ------------- |
516 | 516 |
517 There are two ways to enable https: | 517 Kallithea will by default generate URLs based on the WSGI environment. |
518 | 518 |
519 - Set HTTP_X_URL_SCHEME in your http server headers, than Kallithea will | 519 Alternatively, you can use some special configuration settings to control |
520 recognize this headers and make proper https redirections | 520 directly which scheme/protocol Kallithea will use when generating URLs: |
521 - Alternatively, change the `force_https = true` flag in the ini configuration | 521 |
522 to force using https, no headers are needed than to enable https | 522 - With `https_fixup = true`, the scheme will be taken from the HTTP_X_URL_SCHEME, |
523 | 523 HTTP_X_FORWARDED_SCHEME or HTTP_X_FORWARDED_PROTO HTTP header (default 'http'). |
524 - With `force_https = true` the default will be 'https'. | |
525 - With `use_htsts = true`, it will set Strict-Transport-Security when using https. | |
524 | 526 |
525 Nginx virtual host example | 527 Nginx virtual host example |
526 -------------------------- | 528 -------------------------- |
527 | 529 |
528 Sample config for nginx using proxy:: | 530 Sample config for nginx using proxy:: |