in aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsHttpServletRequest.java [620:635]
protected String getSchemeFromHeader(Headers headers) {
// if we don't have any headers to deduce the value we assume HTTPS - API Gateway's default
if (headers == null) {
return "https";
}
String cfScheme = headers.getFirst(CF_PROTOCOL_HEADER_NAME);
if (cfScheme != null && SecurityUtils.isValidScheme(cfScheme)) {
return cfScheme;
}
String gwScheme = headers.getFirst(PROTOCOL_HEADER_NAME);
if (gwScheme != null && SecurityUtils.isValidScheme(gwScheme)) {
return gwScheme;
}
// https is our default scheme
return "https";
}