Open seanh opened 10 years ago
ckanserviceprovider always uses the werkzeug proxyfix middleware:
https://github.com/ckan/ckan-service-provider/blob/master/ckanserviceprovider/web.py#L130
(apparently to make it work with gunicorn: https://github.com/ckan/ckan-service-provider/commit/99b675d68980e9aa44b27ad8569724651f4e1fa0)
But the docs say:
Do not use this middleware in non-proxy setups for security reasons.
Should we be using this?
ckanserviceprovider always uses the werkzeug proxyfix middleware:
https://github.com/ckan/ckan-service-provider/blob/master/ckanserviceprovider/web.py#L130
(apparently to make it work with gunicorn: https://github.com/ckan/ckan-service-provider/commit/99b675d68980e9aa44b27ad8569724651f4e1fa0)
But the docs say:
Should we be using this?