Setting to redirect X-Forwarded-Proto: http

[robinjoseph08]

Describe the feature:

There should be a setting that redirects any requests that has the header X-Forwarded-Proto: http to the HTTPS version of the URL. This can be done with this Hapi plugin or by including the code directly (since it's not much).

The use-case is when running Kibana within Docker with a non-configurable load balancer (e.g. AWS ELB/ALB) in front of it. We have SSL termination at the load balancer, and both port 80 and 443 forward traffic to the container port through HTTP (not HTTPS). Ideally, we can still force HTTPS by catching the requests coming from port 80/HTTP (since they will have the X-Forwarded-Proto header) and redirecting them to port 443/HTTPS.

Normally, this would be done with nginx or something similar, but when running Kibana with Docker, that just added complexity since it can't easily be bundled into a single running container.

[elasticmachine]

Pinging @elastic/kibana-core (Team:Core)

[pgayvallet]

Normally, this would be done with nginx or something similar, but when running Kibana with Docker, that just added complexity since it can't easily be bundled into a single running container.

I think the answer is in the question...

FWIW with the infra you describe, Kibana has no knowledge https is even used somewhere in the chain, given there is SSL termination at the load balancer's level, so it shouldn't be the end chain target to manage such http to https redirect.

And FWIW, when there is no TLS offloading, this feature is supported via the server.redirectHttpFromPort config setting.

Closing.