This reverts commit c27776425c007d2c216899caaacda8d527f798ef. There is two reasons for reverting.
There is no difference between setting secure to false and trusting an arbitrary header.
It is not this middlewares responsibility work around insecure HTTPS proxying.
As an alternative set secure to false or use a middleware which checks the X-Forwarded-Proto etc headers and sets the https method accordingly. It is still fake sense of security though.
This reverts commit c27776425c007d2c216899caaacda8d527f798ef. There is two reasons for reverting.
secure
tofalse
and trusting an arbitrary header.As an alternative set
secure
tofalse
or use a middleware which checks theX-Forwarded-Proto
etc headers and sets the https method accordingly. It is still fake sense of security though.