Use Secure proxy ssl header only if no https

2024-11-27 17:35:07 +01:00 · 2024-04-29 15:33:21 +05:30 · 2024-04-29 15:33:21 +05:30 · 5beedc9734
commit 5beedc9734
parent 408f4780ce
1 changed files with 2 additions and 1 deletions
--- a/src/khoj/app/settings.py
+++ b/src/khoj/app/settings.py
@ -48,7 +48,8 @@ else:
    # Production Settings
    SESSION_COOKIE_DOMAIN = KHOJ_DOMAIN
    CSRF_COOKIE_DOMAIN = KHOJ_DOMAIN
-    SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
+    if not is_env_var_true("KHOJ_NO_HTTPS"):
+        SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")

 SESSION_COOKIE_SECURE = not is_env_var_true("KHOJ_NO_HTTPS")
 CSRF_COOKIE_SECURE = not is_env_var_true("KHOJ_NO_HTTPS")