From 5beedc97345a3610a0bc98e6e8fea85c31d83253 Mon Sep 17 00:00:00 2001 From: sabaimran Date: Mon, 29 Apr 2024 15:33:21 +0530 Subject: [PATCH] Use Secure proxy ssl header only if no https --- src/khoj/app/settings.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/khoj/app/settings.py b/src/khoj/app/settings.py index c49cdf6d..42ff8ad0 100644 --- a/src/khoj/app/settings.py +++ b/src/khoj/app/settings.py @@ -48,7 +48,8 @@ else: # Production Settings SESSION_COOKIE_DOMAIN = KHOJ_DOMAIN CSRF_COOKIE_DOMAIN = KHOJ_DOMAIN - SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https") + if not is_env_var_true("KHOJ_NO_HTTPS"): + SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https") SESSION_COOKIE_SECURE = not is_env_var_true("KHOJ_NO_HTTPS") CSRF_COOKIE_SECURE = not is_env_var_true("KHOJ_NO_HTTPS")