This reverts commit c27776425c007d2c216899caaacda8d527f798ef. There is two reasons for reverting.
There is no difference between setting secure to false and trusting an arbitrary header.
It is not this middlewares responsibility work around insecure HTTPS proxying.
As an alternative set secure to false or use a middleware which checks the X-Forwarded-Proto etc headers and sets the https method accordingly. It is still fake sense of security though.
This reverts commit c27776425c007d2c216899caaacda8d527f798ef. There is two reasons for reverting.
securetofalseand trusting an arbitrary header.As an alternative set
securetofalseor use a middleware which checks theX-Forwarded-Protoetc headers and sets the https method accordingly. It is still fake sense of security though.