diff --git a/core/includes/bootstrap.inc b/core/includes/bootstrap.inc
index 3d41fcb..c6159b8 100644
--- a/core/includes/bootstrap.inc
+++ b/core/includes/bootstrap.inc
@@ -430,6 +430,19 @@ function _drupal_request_initialize() {
 
   $is_https = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on';
 
+  // This function is called after drupal_settings_initialize, so Setttings is instanciated
+  // If Drupal is behind a reverse proxy or load balancer that is communicating
+  // with the end-user over https but with Drupal over http we will generate a
+  // broken $base_path unless we check $_SERVER['HTTP_X_FORWARDED_PROTO'] to 'on'.
+  // Trusting these headers is a potential security risk so we only do so if
+  // $settings['reverse_proxy'] has been set.
+  if (Settings::get('reverse_proxy') == TRUE) {
+    // X-Forwarded-Proto is the most common convention for protocol information.
+    if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https') {
+      $is_https = 'on';
+    }
+  }
+
   if (isset($base_url)) {
     // Parse fixed base URL from settings.php.
     $parts = parse_url($base_url);