Django -- Incorrect HTTP detection with reverse-proxy connecting via HTTPS
Django security releases issued:
When deployed behind a reverse-proxy connecting to Django via HTTPS,
django.http.HttpRequest.scheme would incorrectly detect client requests
made via HTTP as using HTTPS. This entails incorrect results for is_secure(),
and build_absolute_uri(), and that HTTP requests would not be redirected to
HTTPS in accordance with SECURE_SSL_REDIRECT.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright