MCPcopy Index your code
hub / github.com/ZenNotes/zennotes / effectiveScheme

Method effectiveScheme

apps/server/internal/httpserver/security.go:244–257  ·  view source on GitHub ↗

effectiveScheme returns "https" if the request is genuinely on TLS or arrived through a trusted proxy that declares X-Forwarded-Proto: https. Untrusted X-Forwarded-Proto headers are ignored.

(r *http.Request)

Source from the content-addressed store, hash-verified

242// arrived through a trusted proxy that declares X-Forwarded-Proto: https.
243// Untrusted X-Forwarded-Proto headers are ignored.
244func (s *Server) effectiveScheme(r *http.Request) string {
245 if r.TLS != nil {
246 return "https"
247 }
248 if s.peerIsTrustedProxy(r) {
249 if forwarded := strings.TrimSpace(strings.Split(r.Header.Get("X-Forwarded-Proto"), ",")[0]); forwarded != "" {
250 return strings.ToLower(forwarded)
251 }
252 }
253 if s.currentConfig().BehindTLS {
254 return "https"
255 }
256 return "http"
257}
258
259func (s *Server) requestOrigin(r *http.Request) string {
260 scheme := s.effectiveScheme(r)

Callers 3

requestOriginMethod · 0.95
sessionCookieMethod · 0.95

Calls 2

peerIsTrustedProxyMethod · 0.95
currentConfigMethod · 0.95

Tested by

no test coverage detected