[fix] replace X-Scheme by X-Forwarded-Proto header (#5107)

The HTTP X-Forwarded-Proto (XFP) request header is a *de-facto* standard header
for identifying the protocol (HTTP or HTTPS) that a client used to connect to a
proxy or load balancer.[1]

The ``X-Scheme`` header was added 10 years ago, why ``X-Scheme`` was used back
then and not ``X-Forwarded-Proto``, nobody knows today / possibly because
``X-Forwarded-Proto`` wasn't a *de-facto* standard back then.

[1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-Proto
[2] https://github.com/searx/searx/commit/6ef7c3276

1 files changed, 2 insertions, 2 deletions

diff --git a/utils/templates/etc/nginx/default.apps-available/searxng.conf b/utils/templates/etc/nginx/default.apps-available/searxng.conf
index 27a8c9bcc..4484d03e3 100644
--- a/utils/templates/etc/nginx/default.apps-available/searxng.conf
+++ b/utils/templates/etc/nginx/default.apps-available/searxng.conf
@@ -6,10 +6,10 @@ location ${SEARXNG_URL_PATH} {
     proxy_set_header   Connection       \$http_connection;
 
     # see flaskfix.py
-    proxy_set_header   X-Scheme         \$scheme;
+    proxy_set_header   X-Forwarded-Proto \$scheme;
     proxy_set_header   X-Script-Name    ${SEARXNG_URL_PATH};
 
-    # see limiter.py
+    # see botdetection/trusted_proxies.py
     proxy_set_header   X-Real-IP        \$remote_addr;
     proxy_set_header   X-Forwarded-For  \$proxy_add_x_forwarded_for;