X-Forwarded-Proto Header

Table of Content

Syntax
Directives
Examples
Browser Compatibility
How to modify X-Forwarded-Proto header

The X-Forwarded-Proto (XFP) header is a de-facto standard header for identifying the protocol (HTTP or HTTPS) that a client used to connect to your proxy or load balancer. It's typically used in situations where secure web servers are behind proxy services, which handle HTTPS encryption/decryption on behalf of those servers.

Syntax

To add the X-Forwarded-Proto header to an HTTP request, it's appended as follows:

X-Forwarded-Proto: https

Note that the syntax is case-insensitive.

Directives

https - This directive is used if the client uses HTTPS connection to your proxy/load balancer.
http - This directive is used if the client uses HTTP connection to your proxy/load balancer.

Examples

When the X-Forwarded-Proto header is included in an HTTPS request, it should appear as follows:

GET /mypage HTTP/1.1
Host: www.example.com
X-Forwarded-Proto: https

Browser Compatibility

Browser	Compatibility
Chrome	Supported
Firefox	Supported
Safari	Supported
Opera	Supported
Edge	Supported

How to modify X-Forwarded-Proto header

ModHeader is a Chrome extension that can be used to modify HTTP request headers.

First install ModHeader from the Chrome Web Store.
Click on the ModHeader icon in the Chrome toolbar, which opens the extension settings.
In the 'Request headers' section, click 'Add' button. Then put 'X-Forwarded-Proto' in 'Name' field and 'https' or 'http' (respective to your targeted protocol) in 'Value' field.
Now, all your requests from the browser will include this header.

Modifying the X-Forwarded-Proto can be useful for testing how your server handle the protocol used by the client to connect to the proxy or load balancer. It can also be used for testing redirections from HTTP to HTTPS or vice versa.