From 5831a1ce5ba5be7d9f55f36bfe9714715b0ecdf8 Mon Sep 17 00:00:00 2001
From: Eric Wong <normalperson@yhbt.net>
Date: Fri, 13 Nov 2009 18:32:24 -0800
Subject: FAQ: additional notes on getting HTTPS redirects right

---
 FAQ | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'FAQ')

diff --git a/FAQ b/FAQ
index cebf30b..4bb6b98 100644
--- a/FAQ
+++ b/FAQ
@@ -7,6 +7,12 @@ If your site is entirely behind https, then Rack applications that use
 
   HttpRequest::DEFAULTS["rack.url_scheme"] = "https"
 
+For frameworks that do not use "rack.url_scheme", you can also
+try setting one or both of the following:
+
+  HttpRequest::DEFAULTS["HTTPS"] = "on"
+  HttpRequest::DEFAULTS["HTTP_X_FORWARDED_PROTO"] = "https"
+
 Otherwise, you can configure your proxy (nginx) to send the
 "X-Forwarded-Proto: https" header only for parts of the site that use
 https.  For nginx, you can do it with the following line in appropriate
-- 
cgit v1.2.3-24-ge0c7