Fixed #33569 -- Added SECURE_PROXY_SSL_HEADER support for list of protocols in the header value.

author: Thomas Schmidt <thomas@useobject.com> 2022-03-07 17:25:52 -0500
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2022-03-23 19:33:36 +0100
commit: 1cf60ce6017d904024ee132f7edae0b4b821a954 (patch)
tree: bb73a5fcca79e812f2c7182ddf68dadee7c49ea2 /django/http/request.py
parent: d46e158ee21cb067a65d44699e6dce00b3dab8e3 (diff)
download: django-1cf60ce6017d904024ee132f7edae0b4b821a954.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/django/http/request.py b/django/http/request.py
index 0b64b1b2b9..c25fa4379a 100644
--- a/django/http/request.py
+++ b/django/http/request.py
@@ -261,7 +261,8 @@ class HttpRequest:
                 )
             header_value = self.META.get(header)
             if header_value is not None:
-                return "https" if header_value == secure_value else "http"
+                header_value, *_ = header_value.split(",", 1)
+                return "https" if header_value.strip() == secure_value else "http"
         return self._get_scheme()
 
     def is_secure(self):
author	Thomas Schmidt <thomas@useobject.com>	2022-03-07 17:25:52 -0500
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2022-03-23 19:33:36 +0100
commit	1cf60ce6017d904024ee132f7edae0b4b821a954 (patch)
tree	bb73a5fcca79e812f2c7182ddf68dadee7c49ea2 /django/http/request.py
parent	d46e158ee21cb067a65d44699e6dce00b3dab8e3 (diff)
download	django-1cf60ce6017d904024ee132f7edae0b4b821a954.tar.gz