- Enhancement
- Resolution: Unresolved
- Major
- None
- 21.0.1.Final
- User Experience
- Undefined
I want to suggest setting the http-listener flag "proxy-address-forwarding" to true by default.
The background is: if you run Wildfly in a container environment with a reverse proxy in front of it doing the HTTPS termination, you can run into a problem.
In JSF applications a navigation rule <redirect/> leads to a 301 with an HTTP address even if the initial request was HTTPS. For example, in a form-based login page this leads to a situation where the session cookie information is sent out via HTTP.
Adding proxy-address-forwarding=true to the default http-listener in the standalone.xml file solves this problem.
There was also a discussion a long time ago here: https://developer.jboss.org/message/948533
My question is: Why not set this flag to true by default? Currently I need to build custom WildFly Docker images just because of this missing flag in the standalone.xml file. Otherwise it does not seem to be safe to run the container in a container environment with an SSL reverse proxy.
The problem has gotten worse since yesterday, as a new Chrome browser update is available. Because of this update users can no longer use JSF applications in this scenario. The user is shown the browser message "Die Angaben, die Sie senden möchten, sind nicht sicher" (in German). And the browser blocks the request.
What do you think about adding proxy-address-forwarding=true by default?
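
An added check, not part of the original report or of WildFly's own tooling: a Python script that lists every Undertow http-listener in a standalone.xml and reports whether proxy-address-forwarding is set, so a container image can be audited before it is placed behind a TLS-terminating proxy. The sample XML, its listener names and its namespace versions are constructed assumptions.

```python
import xml.etree.ElementTree as ET

UNDERTOW_NS_PREFIX = "urn:jboss:domain:undertow:"  # schema version varies by release

# Constructed sample: a cut-down standalone.xml (names and versions are assumptions).
SAMPLE = """<server xmlns="urn:jboss:domain:14.0">
  <profile>
    <subsystem xmlns="urn:jboss:domain:undertow:11.0">
      <server name="default-server">
        <http-listener name="default" socket-binding="http" redirect-socket="https"/>
        <http-listener name="behind-proxy" socket-binding="http-proxy"
                       proxy-address-forwarding="true"/>
        <http-listener name="from-env" socket-binding="http-env"
                       proxy-address-forwarding="${env.PROXY_ADDRESS_FORWARDING:false}"/>
        <https-listener name="https" socket-binding="https"/>
      </server>
    </subsystem>
  </profile>
</server>"""


def _split(tag):
    """Split an ElementTree tag '{namespace}local' into (namespace, local)."""
    if tag.startswith("{"):
        ns, _, local = tag[1:].partition("}")
        return ns, local
    return "", tag


def audit_http_listeners(xml_text):
    """Return (server, listener, status) for each plain-HTTP Undertow listener."""
    findings = []
    for server in ET.fromstring(xml_text).iter():
        ns, local = _split(server.tag)
        if local != "server" or not ns.startswith(UNDERTOW_NS_PREFIX):
            continue  # skips the root <server> of the domain schema
        for child in server:
            if _split(child.tag)[1] != "http-listener":
                continue
            raw = child.get("proxy-address-forwarding")
            if raw is None:
                status = "disabled"      # attribute absent: forwarding is off
            elif raw.strip().startswith("${"):
                status = "expression"    # resolved at boot; check the environment
            else:
                status = "enabled" if raw.strip().lower() == "true" else "disabled"
            findings.append((server.get("name"), child.get("name"), status))
    return findings


if __name__ == "__main__":
    for server, name, status in audit_http_listeners(SAMPLE):
        print(f"{server}/{name}: proxy-address-forwarding {status}")
```

With the flag enabled, Undertow takes the client address and scheme from the X-Forwarded-* request headers, so a listener reported as enabled should be reachable only through the reverse proxy.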