I am running the instance via supervisord and using uvicorn, which I am proxying via Apache. This works alright except that I cannot submit anything as it gives me a "Content Security Error" I have found a work around by enabling Header set Content-Security-Policy: "default-src 'self' data:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;" but i get this error
The information you have entered on this page will be sent over an insecure connection and could be read by a third party.
what is the correct way to proxy these requests so the site can be functional
Found the issue. There was a single missing statement in the apache conf
RequestHeader set X-Forwarded-Proto: "https"