question: Is X-Forwarded-Proto set correctly?

[joncfoo]

I'm invoking devd with the command below and accessing my application over https://devd.io/. I noticed in my application that X-Forwarded-Proto = http - shouldn't it be https since I am forwarding /=https://127.0.0.1:3000/ ?

devd --port=443 \
    --cert=_certs/devd.io/bundle.pem \
    /=https://127.0.0.1:3000

Changing the following line in reverseproxy.go to req.Header.Set("X-Forwarded-Proto", target.Scheme) results in X-Forwarded-Proto being set to https (it works for my use-case but I'm not sure if this is the right fix?).

https://github.com/cortesi/devd/blob/93164c9b170e00b808d34f54ff109d91b3e4d18b/reverseproxy/reverseproxy.go#L80

[wader]

Hi, this sounds like what was fix in https://github.com/cortesi/devd/pull/83 ?

[lancerushing]

I tracked down a bug with X-Forwarded-Proto.

When using "--cert" X-Forwarded-Proto gets set to "http" (should be "https")

Steps to reproduce:

1. start web server to show X-Forwarded-Proto header
2. start devd with --cert="SomeCustomCert"
3. make request to devd

# start web server in one terminal (netcat will do in a pinch)
nc -l 9000

# start devd in another terminal 
# just use ~/.devd.cert which should be there if you have ever started devd with --tls
devd --cert=${HOME}/.devd.cert http://localhost:9000

# Make request
curl -k https://devd.io:8000

Then inspect the output from netcat. ( ctrl+C to quit netcat)

Note: the "--tls" flag sets X-Forwarded-Proto correctly.