Added a bit to the 1.4 release notes about the new SECURE_PROXY_SSL_HEADER setting

git-svn-id: http://code.djangoproject.com/svn/django/trunk@17313 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-30 21:13:53 +00:00 · 2011-12-30 21:13:53 +00:00 · 9fe578c212
parent d4f11eb776
commit 9fe578c212
1 changed files with 5 additions and 0 deletions
--- a/docs/releases/1.4.txt
+++ b/docs/releases/1.4.txt
@ -515,6 +515,11 @@ Django 1.4 also includes several smaller improvements worth noting:

 * The :ttag:`if` template tag now supports ``{% elif %}`` clauses.

+* If your Django app is behind a proxy, you might find the new
+  :setting:`SECURE_PROXY_SSL_HEADER` setting useful. It solves the problem of your
+  proxy "eating" the fact that a request came in via HTTPS. But only use this
+  setting if you know what you're doing.
+
 * A new, plain-text, version of the HTTP 500 status code internal error page
  served when :setting:`DEBUG` is ``True`` is now sent to the client when
  Django detects that the request has originated in JavaScript code.