mod_http: Consider x-forwarded-proto from trusted proxies Should be better than setting consider_{bosh,websocket}_secure as that may end up causing actually insecure requests to be considered secure. Doing it here, as with IP, should make this apply to all HTTP modules.

author: Kim Alvefur <zash@zash.se>
date: Thu, 18 Feb 2021 10:00:56 +0100
parent: 11382:a0477656258c
child: 11385:c81b6b8c6b19
--- a/plugins/mod_http.lua	Thu Feb 18 12:02:11 2021 +0100
+++ b/plugins/mod_http.lua	Thu Feb 18 10:00:56 2021 +0100
@@ -259,6 +259,10 @@
 	if request and is_trusted_proxy(request.conn:ip()) then
 		-- Not included in eg http-error events
 		request.ip = get_ip_from_request(request);
+
+		if not request.secure and request.headers.x_forwarded_proto == "https" then
+			request.secure = true;
+		end
 	end
 	return handlers(event_name, event_data);
 end);