Nginx as backend: handle X-Forwarded-Proto (similar to NginxHttpRealIpModule / X-Real-Ip)

Hi,

when using nginx as backend, it would be useful to handle
X-Forwarded-Proto in the same way X-Forwarded-For / X-Real-Ip can be
handled, e.g.:

frontend:
proxy_set_header X-Forwarded-Proto $scheme;

backend:
set_scheme_from 10.122.1.80;
real_scheme_header X-Forwarded-Proto;

E.g. webfaction appears to use X-Forwarded-Ssl instead, which is “on”
if activated (see http://www.cherrypy.org/changeset/1980).

It would be nice, if nginx would handle “http”, “https”, “on” and
“off” as value given in real_scheme_header, or add real_ssl_header to
handle the “on”/“off”(?) case.

Currently I’m using the following in the backend config, which is good
enough as workaround, but just using $scheme here is preferred, of
course:
if ($http_x_forwarded_proto != “https”) {
rewrite ^(.*)$ https://$server_name$1 permanent;
}

Thanks,
Daniel

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs