When creating the following request:

ureq::get("https://my-domain.com")
        .set("user_id", "1")
        .set("secret", "hello_world")
        .call().unwrap()
        .into_string().unwrap();

The user_id header field is stripped when using https, if http is used the user_id is still present when it arrives on the server side.

I tried many other header field key names, but only could reproduce it with user_id.

Is there a reason why this field gets stripped out when making a request over a secure connection?

Just discovered that this is not related to ureq.

It was the nginx configuration that removed any key with an underscore to comply with the HTTP/1.1 specification.

by adding:

underscores_in_headers on;

This can be prevented.

Thanks!