Description of problem: In a node.js Express 4.0 application using https, including forwarding from http to https, the received requests are not populated correctly. Some are not received at all. I have opened a SO question with details: http://stackoverflow.com/questions/25654796/creating-an-express-js-4-0-application-with-https-on-openshift-including-http-r/ Some Openshift documentation (https://help.openshift.com/hc/en-us/articles/202398810-How-to-redirect-traffic-to-HTTPS-) recommends using: function redirectSec(req, res, next) { if (req.headers['x-forwarded-proto'] == 'http') { res.redirect('https://' + req.headers.host + req.path); } else { return next(); } } for redirect, but this code does not work. In my tests (see SO question, ligatures.net), some requests slip through unpopulated (req.headers.host is undefined for example). Moreover, it uses req.path which will ignore query parameters. I have noticed that node.js applications created from Openshift use an old version of Express (~3.4.4). Today, Express 4.0 has been completely 'refurbished'. It would be great if OpenShift was up to date with Express and if secured communications were tested properly (SSL & HTTPS). An operational and tested https code example would be fantastic. It is much needed. Version-Release number of selected component (if applicable): Unknown How reproducible: Creating a simple Express 4.0 node.js application with http -> https redirection and loading the certificates in the console. Actual results: Improperly populated user requests. Expected results: Properly populated user requests.
Something I forgot to mention, I am using Cloudflare too. This may have an impact on this issue.