Mercurial > kallithea
diff docs/setup.rst @ 4448:8e26c46e9abe
https: introduce https_fixup config setting to enable the special https hacks
Without https_fixup, correctly configured WSGI systems work correctly.
The https_fixup middleware will only be loaded when enabled in the configuration.
author | Mads Kiilerich <madski@unity3d.com> |
---|---|
date | Tue, 12 Aug 2014 13:08:23 +0200 |
parents | e73a69cb98dc |
children | a68fc4abeda3 |
line wrap: on
line diff
--- a/docs/setup.rst Tue Aug 12 13:08:23 2014 +0200 +++ b/docs/setup.rst Tue Aug 12 13:08:23 2014 +0200 @@ -514,13 +514,15 @@ HTTPS support ------------- -There are two ways to enable https: +Kallithea will by default generate URLs based on the WSGI environment. + +Alternatively, you can use some special configuration settings to control +directly which scheme/protocol Kallithea will use when generating URLs: -- Set HTTP_X_URL_SCHEME in your http server headers, than Kallithea will - recognize this headers and make proper https redirections -- Alternatively, change the `force_https = true` flag in the ini configuration - to force using https, no headers are needed than to enable https - +- With `https_fixup = true`, the scheme will be taken from the HTTP_X_URL_SCHEME, + HTTP_X_FORWARDED_SCHEME or HTTP_X_FORWARDED_PROTO HTTP header (default 'http'). +- With `force_https = true` the default will be 'https'. +- With `use_htsts = true`, it will set Strict-Transport-Security when using https. Nginx virtual host example --------------------------