set HTTP_X_FORWARDED_PROTO in .env

This fixes #2397. The description in .env is whith a warning and a link to the official documentation about what this setting is doing if set to true.
2022-11-19 17:54:44 +01:00 · 2022-11-19 17:54:44 +01:00 · 238a1b0e88
commit 238a1b0e88
parent c5fb710f29
2 changed files with 10 additions and 0 deletions
--- a/.env.example
+++ b/.env.example
@ -108,3 +108,10 @@ OTEL_EXPORTER_OTLP_ENDPOINT=
 OTEL_EXPORTER_OTLP_HEADERS=
 # Service name to identify your app
 OTEL_SERVICE_NAME=
+
+# Set HTTP_X_FORWARDED_PROTO ONLY to true if you know what you are doing.
+# Only use it if your proxy is "swalloing" if the original request was made
+# via https. Please refer to the Django-Documentation and assess the risks
+# for your instance:
+# https://docs.djangoproject.com/en/3.2/ref/settings/#secure-proxy-ssl-header
+HTTP_X_FORWARDED_PROTO=false