Amazon Elastic load balancer is not populating x-forwarded-proto header

6
votes

I am trying to force all http requests to https requests and I am facing the problem as elastic load balancer not populating x-forwarded-proto header in the request.

This is the code I am using and it is causing redirect loop because of this. How would I fix this problem?

app.use (function (req, res, next) {
    console.log('Request headers = ' + JSON.stringify(req.headers));
    console.log('Request protocol = ' + JSON.stringify(req.protocol));
    var schema = (req.headers['x-forwarded-proto'] || '').toLowerCase();
    if (schema === 'https') {
       next();
    } else {
       res.redirect('https://' + req.headers.host + req.url);
    }
});
2
node.jsamazon-web-servicesexpressamazon-ec2load-balancing

2 Answers

13
votes

It sounds like your ELB listeners might be configured for TCP instead of HTTP. Configured for TCP, it will not add X-Forwarded-Proto or X-Forwarded-For.

1
votes

Send http and https requests to two different ports. If the request comes through on the http port, you would be safe to redirect it.