On SS4 I believe the Proxy details are set via the TrustedProxyMiddleware class. https://github.com/silverstripe/silverstripe-framework/blob/4/src/Control/Middleware/TrustedProxyMiddleware.php

E.g. https://github.com/silverstripe/silverstripe-framework/blob/1f1c344272603eaaa16dd7d31374bde114e8ae9e/docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md#request-hostname-forgery

Attachments:
src/Control/Middleware/TrustedProxyMiddleware.php
src/Control/Middleware/TrustedProxyMiddleware.php
docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md

No worries 🙂 - Yes, HTTPS is set to ‘on’ in my PHP info.

Files: Requires logging in to the Slack workspace to view/download
Screen Shot 2019-01-14 at 9.18.49 PM.png (PNG)

@Josh do you see the HTTPS or SSL props of $_SERVER set after the RPAF installation? I just tried it and nothing changed in the $_SERVER array for me.

or at least I couldn’t find anything else in the framework codebase