oTree Forum >

oTree does not offer https:// URLs when not forwarding from

#1 by gr0ssmann

I have a public-facing server on (let's say), which forwards requests to, which is running oTree. I noticed that this setup does not make oTree offer https:// URLs, even with the following headers set in nginx:

    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Front-End-Https on;
    proxy_set_header X-Forwarded-Protocol https;
    proxy_set_header X-Forwarded-Ssl on;
    proxy_set_header X-Url-Scheme https;

However, if I ssh into, with remote port forwarding set such that I can let nginx forward the request to, which in turn redirects it to over the ssh tunnel, then oTree does offer https:// URLs, without any further changes required. So I guess that oTree somehow notices that the request does not originate from and decides to use http:// instead of https://.

This seems bad, since all requests, likely including those with WebSockets, are first forced through the insecure http.

Is there a way to make oTree respect a header like X-Forwarded-Protocol?

Write a reply

Set forum username