From dcc430f6f141f2dc4071952ae2f6c3e7a1e15979 Mon Sep 17 00:00:00 2001
From: Josh Michielsen <github@mickey.dev>
Date: Mon, 21 Oct 2019 23:21:35 +0100
Subject: [PATCH] Check `X-Forwared-Proto` for https (via another reverse
 proxy)

Signed-off-by: Josh Michielsen <github@mickey.dev>
---
 http.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/http.go b/http.go
index 9ef0499c..b7ee9598 100644
--- a/http.go
+++ b/http.go
@@ -155,7 +155,8 @@ func (ln tcpKeepAliveListener) Accept() (c net.Conn, err error) {
 
 func redirectToHTTPS(opts *Options, h http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if opts.ForceHTTPS && r.TLS == nil {
+		proto := r.Header.Get("X-Forwarded-Proto")
+		if opts.ForceHTTPS && r.TLS == nil && strings.ToLower(proto) != "https" {
 			http.Redirect(w, r, opts.HTTPSAddress, http.StatusPermanentRedirect)
 		}