diff --git a/horizon/tests/base_tests.py b/horizon/tests/base_tests.py index d99e9fb25..20c87f1c7 100644 --- a/horizon/tests/base_tests.py +++ b/horizon/tests/base_tests.py @@ -308,3 +308,28 @@ class HorizonTests(BaseHorizonTests): follow=False, HTTP_X_REQUESTED_WITH='XMLHttpRequest') self.assertEqual(resp.status_code, 200) + + def test_ssl_redirect_by_proxy(self): + users.get_user_from_request = self._real_get_user_from_request + dogs = horizon.get_dashboard("dogs") + puppies = dogs.get_panel("puppies") + url = puppies.get_absolute_url() + redirect_url = "?".join([urlresolvers.reverse("horizon:auth_login"), + "next=%s" % url]) + + client = Client() + client.logout() + resp = client.get(url) + self.assertRedirectsNoFollow(resp, redirect_url) + + # Set SSL settings for test server + settings.TESTSERVER = 'https://testserver:80' + settings.SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', + 'https') + + resp = client.get(url, HTTP_X_FORWARDED_PROTOCOL="https") + self.assertRedirectsNoFollow(resp, redirect_url) + + # Restore settings + settings.TESTSERVER = 'http://testserver' + settings.SECURE_PROXY_SSL_HEADER = None diff --git a/openstack_dashboard/local/local_settings.py.example b/openstack_dashboard/local/local_settings.py.example index 5e293150c..9b568fddb 100644 --- a/openstack_dashboard/local/local_settings.py.example +++ b/openstack_dashboard/local/local_settings.py.example @@ -5,7 +5,13 @@ from django.utils.translation import ugettext_lazy as _ DEBUG = True TEMPLATE_DEBUG = DEBUG PROD = False -USE_SSL = False + +# Set SSL proxy settings: +# For Django 1.4+ pass this header from the proxy after terminating the SSL, +# and don't forget to strip it from the client's request. +# For more information see: +# https://docs.djangoproject.com/en/1.4/ref/settings/#secure-proxy-ssl-header +# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https') # Note: You should change this value SECRET_KEY = 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0'