Is it possible to force nginx $scheme value to "https" if nxinx is running behind load balancer?
In my scenario Load balancer takes care of https communication with client and forwards requests to nginx as raw http. I know I can do something like this to detect https
set $my_scheme "http";
if ($http_x_forwarded_proto = "https") {
set $my_scheme "https";
}
but I'm just curious if there is something like real_ip_header
function for IPs.
Are there also some headers I need to update when detecting https manualy?
Our setup is the same as yours, only using map
instead of if/set
(as recommended by the nginx devs).
# Sets a $real_scheme variable whose value is the scheme passed by the load
# balancer in X-Forwarded-Proto (if any), defaulting to $scheme.
# Similar to how the HttpRealIp module treats X-Forwarded-For.
map $http_x_forwarded_proto $real_scheme {
default $http_x_forwarded_proto;
'' $scheme;
}
P.S. I agree, a real_scheme
module would be nice!