From a9519a4a6855684cf1c90a756c3ec3f4963d1c45 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Fri, 21 May 2021 00:03:02 +0200
Subject: [PATCH] g: set x-forwarded-proto based on upstream TLS Status

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 internal/web/web_proxy.go | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/internal/web/web_proxy.go b/internal/web/web_proxy.go
index 9bcd03d15..b4cb13d20 100644
--- a/internal/web/web_proxy.go
+++ b/internal/web/web_proxy.go
@@ -9,7 +9,20 @@ import (
 func (ws *WebServer) configureProxy() {
 	// Reverse proxy to the application server
 	u, _ := url.Parse("http://localhost:8000")
-	rp := httputil.NewSingleHostReverseProxy(u)
+	director := func(req *http.Request) {
+		req.URL.Scheme = u.Scheme
+		req.URL.Host = u.Host
+		if _, ok := req.Header["User-Agent"]; !ok {
+			// explicitly disable User-Agent so it's not set to default value
+			req.Header.Set("User-Agent", "")
+		}
+		if req.TLS != nil {
+			req.Header.Set("X-Forwarded-Proto", "https")
+		} else {
+			req.Header.Set("X-Forwarded-Proto", "http")
+		}
+	}
+	rp := &httputil.ReverseProxy{Director: director}
 	rp.ErrorHandler = ws.proxyErrorHandler
 	rp.ModifyResponse = ws.proxyModifyResponse
 	ws.m.PathPrefix("/").Handler(rp)