add x-forwarded-proto as secure scheme default

Heroku uses this and it's the only one mentioned in Wikipedia's list of common non-standard headers. http://en.wikipedia.org/wiki/List_of_HTTP_header_fields
2026-01-14 11:09:11 +08:00 · 2012-09-26 11:48:39 -07:00 · 2012-09-26 11:48:39 -07:00 · dde77b73d1
commit dde77b73d1
parent 5f2a946f96
1 changed files with 1 additions and 0 deletions
--- a/gunicorn/config.py
+++ b/gunicorn/config.py
@ -668,6 +668,7 @@ class SecureSchemeHeader(Setting):
    validator = validate_dict
    default = {
        "X-FORWARDED-PROTOCOL": "ssl",
+        "X-FORWARDED-PROTO": "https",
        "X-FORWARDED-SSL": "on"
    }
    desc = """\