request.is_secure() 在双重代理后面返回 False

Question

如何让request.is_secure() 在双重代理后面显示为真？

目前，有一个仅 https 的 nginx 是公开的，它代理到一个仅 http 的 apache 实例，该实例实际上托管 Django 应用程序。我需要更改我们的配置中的某些内容吗？

Nginx

location / {
    proxy_pass_header Server;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Scheme $scheme;
    proxy_connect_timeout 6000;
    proxy_read_timeout 6000;
    proxy_pass http://127.0.0.1:9000;
}

阿帕奇

<VirtualHost *:9000>
    ServerName example.com

    ### Logs ###
    LogFormat "%h %l %u %t \"%r\" %>s %b %D" common
    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/access.log combined


    ### Site specific WSGI file ###
    WSGIApplicationGroup %{GLOBAL}

    KeepAlive Off
    WSGIDaemonProcess example.com processes=1 threads=20 inactivity-timeout=20
    WSGIProcessGroup %{GLOBAL}
    WSGIScriptAlias / "/usr/src/current/conf/apache/script.wsgi.py"
    WSGIPassAuthorization On

    <Directory "/">
        Options -Indexes
        Require all granted
    </Directory>
</VirtualHost>

Answer 1

您可以使用SECURE_PROXY_SSL_HEADER

如果我很好地阅读了您的配置，我认为这应该可行：

SECURE_PROXY_SSL_HEADER = ('HTTP_X_SCHEME', 'https')