You won't get the scheme here. It is http by virtue of this being a plain (Non-TLS listener). A https request could not have worked.
If you had an extra TLS listener you need to determine which one got hit to infer the scheme, (You can look at the port used to connect, or just use an extra middleware on the TLS listener.

I think checking this field for nil on http.Request is the closest you will get:

        // TLS allows HTTP servers and other software to record
        // information about the TLS connection on which the request
        // was received. This field is not filled in by ReadRequest.
        // The HTTP server in this package sets the field for
        // TLS-enabled connections before invoking a handler;
        // otherwise it leaves the field nil.
        // This field is ignored by the HTTP client.
        TLS *tls.ConnectionState

FWIW, since often what you will be wanting this for is to construct a URL non-relative URL for a client, it is desirable to try and respect the x-forwarded-proto header. The client may have used TLS, even though the server processing the request did not receive it over TLS.
@AnikHasibul I'd suggest closing this, it is not a bug.

Thanks.

Checking for a nil TLS field on an http.Request is the correct way to determine if a request is http. We likely will not provide an alternative method since it's redundant to do so given the current solution.

Checking TLS is all well and good if the only schemes in existence were http and https, but the real world is far broader than that. I arrived here looking for the best way to check for a ws or wss scheme for proxying purposes. I'm sure others have use cases for other schemes as well.

@ChrisSalisbury the scheme simply doesn't exist as part of the HTTP protocol. It's not in the request at all, there's no way to populate the field. The scheme is used when a client interprets a URL for the client to decide which language to use when talking to the server, there's no point where the client is mandate to tell the server what "language" is being used to talk to to it (there's an assumption that if we are communicating at all, then we must already know what language we are talking).

I am new to golang and I found the URL API very confusing,

IMHO, for developer convenience there should be an API somewhere (could be elsewhere than in http or url) to get the full URL from any http(s) request.

I sorted it out by re-constructing from above mentioned hints.

For the record here is a link to mentioned RFC:

https://tools.ietf.org/html/rfc7230#section-5.3

Checking on the request URL TLS does the trick, thanks. But feels weird 😕
Checking the request URL scheme is where anyone would look at.

The suggestions here focus on disambiguating http:// vs https://. How can we determine if an incoming request has e.g. a ws:// scheme?

The fundamental point here is that we simply do not know what the scheme is. Scheme is part of the URI spec. As unpalatable as it is, the http requests never gets the URL the client requested, it only gets the path (and, most of the time, the hostname),
Consider the case of a simple TCP based SSL proxy. The connection comes in as https, ssl is stripped, and the connection is forwarded on to the non-ssl server. Which scheme do you want? The one the client plugged into their browser (we can never get that), "https", because the original server saw a TLS connection, or "http".

@lthibault websockets start off as a normal HTTP(S) GET requests that come with headers that look like:

...
Upgrade: websocket
Connection: ...Upgrade...
...

@DisposaBoy Right, but I was hoping to route requests at a given endpoint (e.g. /foo) towards a websocket handler or a vanilla HTTP handler based on the scheme of the incoming request.

Sounds like this isn't possible, so I'll likely have to use a query parameter such as ws://localhost:9021/foo?ws=1. This is ugly because the ws param is redundant with the ws scheme, but what can you do. ¯\_(ツ)_ /¯

@lthibault if you just want to know if it's a websocket request, can't you look for the connection upgrade headers?

@lthibault I'm not sure I understand. If you can detect that it's a WS connection by the presence of a ?ws=1 query I don't see why you can't detect it with the upgrade headers.

if you want to check ws: vs wss: then you can do both the check for an existing TLS negotiation (or X-Forwarded-For-Scheme), and the upgrade headers.

@DisposaBoy @tcolgate Of course... how did I not think of that. 🤦‍♂

Many thanks!