Protocol details from Via Header in laminas-http and laminas-diactoros

Hey guys,

I am playing around with some HTTP2 features like HTTP/2 Push.
I want to check in my code if the request is via HTTPS and HTTP/2 to decide if I have to add the Link-Header or not.

We are using a Proxy to terminate SSL (as many of you probably do with cloudflare, e.g. I think?) and internally we are using HTTP. Thus there are several standards to tell other servers the original protocol, e.g.

There are “X-Forwarded-Proto” for the protocol (http/https) and several other “X-Forwarded-*” Headers to map. Ive recently contributed the “X-Forwarded-Host” to laminas-diactoros but there is absolutely no way to see if the original request is HTTP/2 or not.

Thus, I searched for a header where this information could be found. And voila, some proxies (mostly public ones) are providing a “Via”-Header where the version can be found.

However, there should be a way to trust some proxies and ignore the others (thus to ensure that we are not passing the protocol version of a proxy which is not in our hands.

Does anyone have an idea if and if so, how I should implement this in both laminas-http and laminas-diactoros without introducing breaking changes, e.g.

Would love to get feedback here.