ZF-11498: No support of Load Balancer X-Forwarded-Proto for HTTPS in Zend_Controller_Request_Http


this function only supports use of $_SERVER['HTTPS'], but not supporting 'X-Forwarded-Proto' header.

public function getScheme()
       return ($this->getServer('HTTPS') == 'on') ? self::SCHEME_HTTPS : self::SCHEME_HTTP;

The support of this header is easy and straight-forward:

public function getScheme()
    if ($this->getServer('HTTPS') == 'on' || 
        $this->getServer('HTTP_X_FORWARDED_PROTO') == 'https') {
        return self::SCHEME_HTTPS ;
    } else {        
        return self::SCHEME_HTTP;


Same here, can't detect SSL behind a load balancer. The LB does SSL termination and provides only HTTP_X_FORWARDED_PROTO.

isSecure() is also affected.

Set component and auto-reassign

No movements since one year ago?

Please look here: ZF-5012