Lewisyixin opened a new issue, #12500: URL: https://github.com/apache/apisix/issues/12500
### Current Behavior When the redirect plugin is used, requests with the 'x-forwarded-proto: http' header to access the https port will still be redirected ### Expected Behavior I believe the redirect plugin should provide a global parameter, such as "trust_x_forwarded_proto," that should be enabled by default. This parameter should remain enabled when APISix is behind another Layer 7 load balancer. Conversely, it should be disabled when APISix is the first Layer 7 load balancer. For example, if one of my services receives a request from another gateway proxy with an "X-Forwarded-Proto: http" header, and I request the HTTPS port of the APISix route with redirection enabled, it will also return a redirect. I find this unreasonable. ### Error Logs _No response_ ### Steps to Reproduce Simply requesting a route with the redirect plugin enabled with a different X-Forwarded-Proto header can be sufficient. <img width="1824" height="1090" alt="Image" src="https://github.com/user-attachments/assets/6a5e4751-4dd8-4e5e-99fa-34959edfa2de"; /> ### Environment no need -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
