Man-in-the-Middle (MitM)

django is vulnerable to man-in-the-middle attacks. HTTP requests are not redirected to HTTPS in accordance with SECURESSLREDIRECT when deployed behind a reverse-proxy due to incorrect results for issecure and buildabsoluteuri...

Django -- Incorrect HTTP detection with reverse-proxy connecting via HTTPS

Django security releases issued: When deployed behind a reverse-proxy connecting to Django via HTTPS, django.http.HttpRequest.scheme would incorrectly detect client requests made via HTTP as using HTTPS. This entails incorrect results for issecure, and buildabsoluteuri, and that HTTP requests wou...