request.is_secure() should support checking the existence of an HTTP header like X-Forwarded-Protocol and/or X-Forwarded-Ssl. Currently, request.is_secure() relies only upon the existence of the environment variable HTTPS, which causes problems in cases that a request is proxied to Django from...
X-Forwarded-For,X-Real-IP: source IP from Proxy Protocol. X-Forwarded-Port: listen port from Proxy Protocol. X-Forwarded-Proto,X-Scheme: realhttporhttps Host,X-Forwarded-Host: incoming Host header. X-Original-Forwarded-*contain copy of the originalX-Forwarded-*from the client. ...