blob: 3c01f66ae015a31a48b051154bad835b6b3cc82e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
uwsgi_param QUERY_STRING $query_string;
uwsgi_param REQUEST_METHOD $request_method;
uwsgi_param CONTENT_TYPE $content_type;
uwsgi_param CONTENT_LENGTH $content_length;
uwsgi_param REQUEST_URI $request_uri;
uwsgi_param PATH_INFO $document_uri;
uwsgi_param DOCUMENT_ROOT $document_root;
uwsgi_param SERVER_PROTOCOL $server_protocol;
uwsgi_param REQUEST_SCHEME $scheme;
uwsgi_param HTTPS $https if_not_empty;
uwsgi_param REMOTE_ADDR $remote_addr;
uwsgi_param REMOTE_PORT $remote_port;
uwsgi_param SERVER_PORT $server_port;
uwsgi_param SERVER_NAME $server_name;
# fake HTTP Referer:-header. This is allowed since
# all Taler sites run under HTTPS, and so that extra
# check on the Referer:-header required by Django is
# overkill. Link below has full story.
# https://security.stackexchange.com/questions/96114/why-is-referer-checking-needed-for-django-to-prevent-csrf
uwsgi_param HTTP_REFERER $scheme://$host;
|