Fix : Pass Headers for use behind a reverse proxy

[TheCrazyGM]

Description

This PR addresses an issue encountered when running an x402 server behind a reverse proxy (e.g., Caddy, Nginx, ALB).

1. Reverse Proxy Support in GinAdapter:
   • Previously, GetURL() relied on request.Host and request.TLS, which often reflect the internal network state (e.g., http://localhost:8080) rather than the public-facing URL. This caused the WWW-Authenticate header to advertise incorrect resource URLs (wrong scheme or host), breaking client discovery and verification.
   • Fix: Updated GinAdapter.GetURL() to respect standard proxy headers:
     • X-Forwarded-Proto (for scheme detection)
     • X-Forwarded-Host (for host detection)
     • X-Forwarded-Prefix (for path/URI reconstruction)

Tests

I have verified these changes by running the server behind a local Caddy reverse proxy terminating TLS.

• Before: The server advertised http://example.com/..., causing 402 client verification to fail due to scheme mismatch.
• After: The server correctly advertises https://example.com/..., allowing the x402-go client to successfully validate the payment requirements.
• Unit Tests: Ran go test ./... in the /go directory and verified that all existing tests pass.

Checklist

• I have formatted and linted my code
• All new and existing tests pass
• My commits are signed (required for merge)

[cb-heimdall]

🟡 Heimdall Review Status

Requirement	Status	More Info
Reviews	🟡 0/1	Denominator calculation Show calculation 1 if user is bot 0 1 if user is external 0 2 if repo is sensitive 0 From .codeflow.yml 1 Additional review requirements Show calculation Max 0 0 From CODEOWNERS 0 Global minimum 0 Max 1 1 1 if commit is unverified 0 Sum 1

[vercel]

@TheCrazyGM is attempting to deploy a commit to the Coinbase Team on Vercel.

A member of the Team first needs to authorize it.