From 6204281850c0a17840c3abeee6cf9b53f251d8a8 Mon Sep 17 00:00:00 2001
From: Matthew Somerville <matthew@mysociety.org>
Date: Tue, 24 Feb 2015 09:25:51 +0000
Subject: Use config variable for setting proxy trust.

Rather than hardcoding domain names, add a SECURE_PROXY_SSL_HEADER
variable that provides a trusted HTTP header and value that can be used
to determine if we're behind a HTTPS proxy.
---
 conf/general.yml-example | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'conf')

diff --git a/conf/general.yml-example b/conf/general.yml-example
index 37e81ad5b..ec053d86d 100644
--- a/conf/general.yml-example
+++ b/conf/general.yml-example
@@ -24,6 +24,10 @@ FMS_DB_PASS: ''
 BASE_URL: 'http://www.example.org'
 # Use the below if you're using the Catalyst development server
 #   BASE_URL: 'http://localhost:3000'
+SECURE_PROXY_SSL_HEADER: ''
+# If you're behind a proxy, set this to a two-element list containing the
+# trusted HTTP header and the required value. For example:
+#   SECURE_PROXY_SSL_HEADER: [ 'X-Forwarded-Proto', 'https' ]
 
 # Email domain used for emails, and contact name/email for admin use.
 EMAIL_DOMAIN: 'example.org'
-- 
cgit v1.2.3