Honour proxy forwarded headers for Azure App Service

Process X-Forwarded-For/Proto before HTTPS redirection so the app sees the
original scheme behind App Service's TLS-terminating load balancer, avoiding
a redirect loop in production.

Author: ManuelMadu

src/Qwertide.Api/Program.cs

@@ -1,3 +1,4 @@
+using Microsoft.AspNetCore.HttpOverrides;
 using Microsoft.EntityFrameworkCore;
 using Qwertide.Api.Data;
 
@@ -39,6 +40,17 @@
     app.UseSwaggerUI();
 }
 
+// Trust the X-Forwarded-* headers Azure App Service's load balancer sets, so
+// the app sees the original HTTPS scheme instead of looping on redirect behind
+// the TLS-terminating proxy.
+var forwardedHeaders = new ForwardedHeadersOptions
+{
+    ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto,
+};
+forwardedHeaders.KnownNetworks.Clear();
+forwardedHeaders.KnownProxies.Clear();
+app.UseForwardedHeaders(forwardedHeaders);
+
 app.UseHttpsRedirection();
 
 // Serve the Blazor WASM client this API is bundled with (single-service deploy).