Amazon’s Elastic Load Balancer supports SSL. But it is the SSL endpoint, so when ELB forwards an HTTPS request to a server, it turns it into an HTTP request.

Often, it is necessary to know if the request was HTTPS or HTTP. For example, if you’re working on an oauth system or you’d like to make sure people are entering their credit card information on HTTPS pages.

Fortunately, the ELB service adds two headers to the request: X-Forwarded-Proto and X-Forwarded-Port.

If X-Forwarded-Proto is “https”, then it was an HTTPS request.

(There’s a litte more info on the aws blog.)