From 6318463682a95f6d379b4e7ddca1e4529b03bd27 Mon Sep 17 00:00:00 2001
From: PJ Eby <pje@telecommunity.com>
Date: Tue, 27 Mar 2018 15:57:27 -0400
Subject: [PATCH] Don't infinite-redirect when https is proxied

---
 middleware.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/middleware.go b/middleware.go
index 215740277..2367ed1b3 100644
--- a/middleware.go
+++ b/middleware.go
@@ -361,6 +361,7 @@ func (r *oauthProxy) securityMiddleware(next http.Handler) http.Handler {
 		ContentTypeNosniff:    r.config.EnableContentNoSniff,
 		FrameDeny:             r.config.EnableFrameDeny,
 		SSLRedirect:           r.config.EnableHTTPSRedirect,
+		SSLProxyHeaders:       map[string]string{"X-Forwarded-Proto": "https"},
 	})
 
 	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {