Django and using is_secure behind nginx
In one of my project I use is_secure() method of django's HttpRequest class to figure out if we are using http or https. I need that for generating a proper links which are sent via e-mail.
It worked great until I deployed that on server (nginx + gunicorn). Usually (and in my case too) the connection between
nginx and gunicorn is not https so
is_secure() always returned false.
Solution to that was simple thanks to the new feature introduced in Django 1.4:
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
Setting the option above and making sure that nginx sets that header (
proxy_set_header X-Forwarded-Protocol $scheme)
did the trick.