fix: respect X-Forwarded-Proto header for hasHTTPS in /api/security/status

Fixes issue where /api/security/status reports hasHTTPS=false when accessed
via HTTPS through a reverse proxy like Caddy.

Resolves feedback from discussion #845 (clar2242).
This commit is contained in:
rcourtman 2025-12-19 14:40:23 +00:00
parent f29d8b1b43
commit fdb6789a63

View file

@ -549,7 +549,7 @@ func (r *Router) setupRoutes() {
"configuredButPendingRestart": configuredButPendingRestart,
"hasAuditLogging": hasAuditLogging,
"credentialsEncrypted": credentialsEncrypted,
"hasHTTPS": req.TLS != nil,
"hasHTTPS": req.TLS != nil || strings.EqualFold(req.Header.Get("X-Forwarded-Proto"), "https"),
"clientIP": clientIP,
"isPrivateNetwork": isPrivateNetwork,
"isTrustedNetwork": isTrustedNetwork,