Custom component broke with Improve X-Forwarded-* request headers handling

I have a custom component that I built for HA for a basic IP-enabled relay/switch board. As the board is very basic, it only has the capability to do GETs for updates.

To integrate this with HA, I created an apache reverse proxy that injected a long-lived access token header. This reverse proxy is a Docker container:

<VirtualHost *:8443>
    ProxyRequests On
    ProxyPreserveHost On
    ProxyPass / http://192.168.2.10:8123/
    ProxyPassReverse / http://192.168.2.10:8123/
    Header add Authorization "Bearer LONGLIVEDTOKEN"
    RequestHeader set Authorization "Bearer LONGLIVEDTOKEN"
    ServerName localhost
</VirtualHost>

I also have the following in HA:

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.22.0.100.   #IP address of apache reverse proxy

With @frenck’s PR #38696, my component is now broken. I’m assuming I was not strict enough on the X-Forwarded header. I have tried to debug, but am getting nowhere. Can anyone offer any insight?

cheers,
J.