Django with nginx and detecting https

2012-10-28 at 11:18:12 | categories: tips, linux

Django and using is_secure behind nginx

In one of my project I use is_secure() method of django's HttpRequest class to figure out if we are using http or https. I need that for generating a proper links which are sent via e-mail.

It worked great until I deployed that on server (nginx + gunicorn). Usually (and in my case too) the connection between nginx and gunicorn is not https so is_secure() always returned false.

Solution to that was simple thanks to the new feature introduced in Django 1.4:

SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')

Setting the option above and making sure that nginx sets that header (proxy_set_header X-Forwarded-Protocol $scheme) did the trick.