The HTTP X-Forwarded-Proto request header indicates the original protocol that the client used to connect to an intermediary.
The HTTP X-Forwarded-Proto header is used to identify the original protocol used by a client to communicate with an intermediary. This is typically either HTTP or HTTPS. This is not needed in situations where the client connects directly to the server. However, when intermediaries exist, the server can only determine the protocol used between itself and the most recent proxy or load-balancer. The X-Forwarded-Proto preserves this information that will otherwise be lost.
The use of this HTTP header is intended to improve troubleshooting and statistical reporting. There are, however, additional privacy concerns because it reveals information about the originator of the HTTP request.
The only directive is the name of the protocol, as in the following example.
The "X-" naming convention for HTTP headers, "X" referring to "experimental", has been deprecated and need to be transitioned to formal naming convention for HTTP headers.
The HTTP X-Forwarded-Proto request header is commonly used; however, since its inception, there is now a standardized approach as the HTTP Forwarded request header.
The HTTP X-Forwarded-Proto header, and the newer version HTTP Forwarded header, is used to identify the original protocol used by the client.