Comment 12 for bug 1558683

The Glance patch does not support redirecting /v1 to /v1/ using X-Forwarded-Proto (and probably /v2).

The path of a /v1 request is:

1) paste strips off the initial /v1 and redirects to the correct pipeline
2) The empty redirect [1] is hit which creates a redirect to location='/v1/'
3) webob turns the relative /v1/ into an absolute url [2] using environ['wsgi.url_scheme']. This is still set to 'http' because it has never actually entered the resource controller and the glance Request object that evaluates HTTP_X_FORWARDED_PROTO.

The best solution i can see for this is to use the oslo_middleware.http_proxy_to_wsgi [3] middleware. This will handle the X-Forwarded-Proto handling in middleware before it ever reaches routes or glance's request handling and with greater support for forwarding indication including rfc7239 [4].

[1] https://github.com/openstack/glance/blob/790b01573ace970cd55e75cb7812922629fbd2a7/glance/common/wsgi.py#L695
[2] https://github.com/Pylons/webob/blob/9c1a5af749b341d0bc78ab2e584a751c8866624b/webob/response.py#L1043-L1055
[3] https://github.com/openstack/oslo.middleware/blob/master/oslo_middleware/http_proxy_to_wsgi.py
[4] https://tools.ietf.org/html/rfc7239