express-force-https-schema

Configurable Express middleware that forces HTTPS based on the X-Forwarded-Proto header, commonly used behind proxies like Heroku, AWS ELB, and Nginx. Version 1.0.3 is the latest stable release (last updated 2018, in maintenance mode). It uses a header-based check rather than direct protocol detection, making it suitable for load-balanced or containerized environments. Unlike similar middleware (e.g., express-sslify), it provides options to skip certain user agents and disable the check via an enabled flag.