Spaces:
Sleeping
Sleeping
fix: disable SECURE_SSL_REDIRECT to fix redirect loop on HF Spaces
Browse files- Akompta/settings.py +7 -1
Akompta/settings.py
CHANGED
|
@@ -257,7 +257,13 @@ DEFAULT_FROM_EMAIL = os.environ.get('DEFAULT_FROM_EMAIL', 'noreply@akompta.com')
|
|
| 257 |
|
| 258 |
# Security Settings for Production
|
| 259 |
if not DEBUG:
|
| 260 |
-
SECURE_SSL_REDIRECT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 261 |
SESSION_COOKIE_SECURE = True
|
| 262 |
CSRF_COOKIE_SECURE = True
|
| 263 |
SECURE_BROWSER_XSS_FILTER = True
|
|
|
|
| 257 |
|
| 258 |
# Security Settings for Production
|
| 259 |
if not DEBUG:
|
| 260 |
+
# IMPORTANT: Ne pas activer SECURE_SSL_REDIRECT sur Hugging Face Spaces
|
| 261 |
+
# Le reverse proxy de HF gère déjà HTTPS, activer cette option cause une boucle de redirection
|
| 262 |
+
SECURE_SSL_REDIRECT = False
|
| 263 |
+
|
| 264 |
+
# Permet à Django de reconnaître les requêtes HTTPS via le proxy
|
| 265 |
+
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
| 266 |
+
|
| 267 |
SESSION_COOKIE_SECURE = True
|
| 268 |
CSRF_COOKIE_SECURE = True
|
| 269 |
SECURE_BROWSER_XSS_FILTER = True
|