Mercurial > kallithea

diff docs/setup.rst @ 4448:8e26c46e9abe

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
https: introduce https_fixup config setting to enable the special https hacks Without https_fixup, correctly configured WSGI systems work correctly. The https_fixup middleware will only be loaded when enabled in the configuration.
author Mads Kiilerich <madski@unity3d.com>
date Tue, 12 Aug 2014 13:08:23 +0200
parents e73a69cb98dc
children a68fc4abeda3
line wrap: on
line diff
--- a/docs/setup.rst	Tue Aug 12 13:08:23 2014 +0200
+++ b/docs/setup.rst	Tue Aug 12 13:08:23 2014 +0200
@@ -514,13 +514,15 @@
 HTTPS support
 -------------
 
-There are two ways to enable https:
+Kallithea will by default generate URLs based on the WSGI environment.
+
+Alternatively, you can use some special configuration settings to control
+directly which scheme/protocol Kallithea will use when generating URLs:
 
-- Set HTTP_X_URL_SCHEME in your http server headers, than Kallithea will
-  recognize this headers and make proper https redirections
-- Alternatively, change the `force_https = true` flag in the ini configuration
-  to force using https, no headers are needed than to enable https
-
+- With `https_fixup = true`, the scheme will be taken from the HTTP_X_URL_SCHEME,
+  HTTP_X_FORWARDED_SCHEME or HTTP_X_FORWARDED_PROTO HTTP header (default 'http').
+- With `force_https = true` the default will be 'https'.
+- With `use_htsts = true`, it will set Strict-Transport-Security when using https.
 
 Nginx virtual host example
 --------------------------