#1172 mod_bosh and mod_websocket: Don't report "It works" on insecure GET
The default "it works" page that mod_bosh and mod_websocket serve for a GET request could be improved with some more detail.
In particular, if the request is received over HTTP (and not HTTPS) it should give a warning if consider_X_secure is not set.
Also we could consider reporting some useful info about what we think the client's IP address is (i.e. to ensure trusted_proxies is set correctly).