diff --git a/core/core.js b/core/core.js
index cfd32135..49d4b9b7 100644
--- a/core/core.js
+++ b/core/core.js
@@ -451,7 +451,7 @@ async function blobHandler(request, response, blobId, uri) {
 	}
 
 	if (!uri) {
-		response.writeHead(303, {"Location": 'http://' + request.headers.host + blobId + '/', "Content-Length": "0"});
+		response.writeHead(303, {"Location": (request.client.tls ? 'https://' : 'http://') + request.headers.host + blobId + '/', "Content-Length": "0"});
 		response.end(data);
 		return;
 	}
@@ -542,7 +542,7 @@ loadSettings().then(function() {
 	httpd.all("", function(request, response) {
 		var match;
 		if (request.uri === "/" || request.uri === "") {
-			response.writeHead(303, {"Location": 'http://' + request.headers.host + gGlobalSettings.index, "Content-Length": "0"});
+			response.writeHead(303, {"Location": (request.client.tls ? 'https://' : 'http://') + request.headers.host + gGlobalSettings.index, "Content-Length": "0"});
 			return response.end();
 		} else if (match = /^(\/~[^\/]+\/[^\/]+)(\/?.*)$/.exec(request.uri)) {
 			return blobHandler(request, response, match[1], match[2]);
@@ -551,7 +551,7 @@ loadSettings().then(function() {
 		} else if (match = /^\/static(\/.*)/.exec(request.uri)) {
 			return staticFileHandler(request, response, null, match[1]);
 		} else if (match = /^\/scope$/.exec(request.uri)) {
-			response.writeHead(303, {"Location": 'http://' + request.headers.host + '/speedscope/#profileURL=http://' + request.headers.host + '/trace', "Content-Length": "0"});
+			response.writeHead(303, {"Location": (request.client.tls ? 'https://' : 'http://') + request.headers.host + '/speedscope/#profileURL=' + (request.client.tls ? 'https' : 'http://') + request.headers.host + '/trace', "Content-Length": "0"});
 			return response.end(data);
 		} else if (match = /^\/speedscope\/([\.\w-]*)$/.exec(request.uri)) {
 			return speedScopeHandler(request, response, match[1]);
diff --git a/core/httpd.js b/core/httpd.js
index c30eaf8b..fb461988 100644
--- a/core/httpd.js
+++ b/core/httpd.js
@@ -50,7 +50,7 @@ function Request(method, uri, version, headers, body, client) {
 	}
 	this.version = version;
 	this.headers = headers;
-	this.client = {peerName: client.peerName};
+	this.client = {peerName: client.peerName, tls: client.tls};
 	this.body = body;
 	return this;
 }
@@ -471,6 +471,7 @@ if (tildefriends.https_port) {
 		return secureSocket.listen(kBacklog, async function() {
 			try {
 				var client = await secureSocket.accept();
+				client.tls = true;
 				const kCertificatePath = "data/httpd/certificate.pem";
 				const kPrivateKeyPath = "data/httpd/privatekey.pem";