For WordPress, force the protocol scheme to be HTTPS when is_ssl() doesn't work, e.g. on a load-balanced server where _SERVER['HTTPS'] and _SERVER['SERVER_PORT'] don't indicate that SSL is being used. NB: may not be needed now, see SSL Insecure Content Fixer and HTTP Detection: https://ssl.webaware.net.au/https-detection/

force-ssl-url-scheme.php

<?php
/***
Plugin Name: Proxy SSL URL Scheme
Plugin URI: https://gist.github.com/onecooltaco/8eb7a0b0038eebc014e61c21c80c1029
Description: Force the protocol scheme to be HTTPS when HTTP_X_FORWARDED_PROTO is https
Version: 1.0.0
Author: Jeremy Leggat

Forked from https://gist.github.com/webaware/4688802

@ref: http://wordpress.org/support/topic/ssl-insecure-needs-35-compatibility
***/

/*
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License, version 2, as
published by the Free Software Foundation.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
*/

// if site is set to run on SSL, then force-enable SSL detection!
if (array_key_exists('HTTP_X_FORWARDED_PROTO', $_SERVER) 
    && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'
) {
    $_SERVER['HTTPS'] = 'on';

    // add JavaScript detection of page protocol, and pray!
    add_action('wp_print_scripts', 'force_ssl_url_scheme_script');
}

function force_ssl_url_scheme_script() {
    ?>
<script>
if (document.location.protocol != "https:") {
    document.location = document.URL.replace(/^http:/i, "https:");
}
</script>
    <?php
}