Use config variable for setting proxy trust.

Rather than hardcoding domain names, add a SECURE_PROXY_SSL_HEADER variable that provides a trusted HTTP header and value that can be used to determine if we're behind a HTTPS proxy.
author: Matthew Somerville <matthew@mysociety.org> 2015-02-24 09:25:51 +0000
committer: Matthew Somerville <matthew@mysociety.org> 2015-02-24 11:05:28 +0000
commit: 6204281850c0a17840c3abeee6cf9b53f251d8a8 (patch)
tree: c71e09b795750342de503943267baaf20e19e3ec /conf
parent: 032db2fbb6bd2bf0cf0cf2daa379610ab319a6a8 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/conf/general.yml-example b/conf/general.yml-example
index 37e81ad5b..ec053d86d 100644
--- a/conf/general.yml-example
+++ b/conf/general.yml-example
@@ -24,6 +24,10 @@ FMS_DB_PASS: ''
 BASE_URL: 'http://www.example.org'
 # Use the below if you're using the Catalyst development server
 #   BASE_URL: 'http://localhost:3000'
+SECURE_PROXY_SSL_HEADER: ''
+# If you're behind a proxy, set this to a two-element list containing the
+# trusted HTTP header and the required value. For example:
+#   SECURE_PROXY_SSL_HEADER: [ 'X-Forwarded-Proto', 'https' ]
 
 # Email domain used for emails, and contact name/email for admin use.
 EMAIL_DOMAIN: 'example.org'
author	Matthew Somerville <matthew@mysociety.org>	2015-02-24 09:25:51 +0000
committer	Matthew Somerville <matthew@mysociety.org>	2015-02-24 11:05:28 +0000
commit	6204281850c0a17840c3abeee6cf9b53f251d8a8 (patch)
tree	c71e09b795750342de503943267baaf20e19e3ec /conf
parent	032db2fbb6bd2bf0cf0cf2daa379610ab319a6a8 (diff)