Move the decision whether we are showing the no-HTTPS warning from server-side (where no https may be used when a reverse proxy is used) to user-side where this is more definite

Signed-off-by: DL6ER <dl6er@dl6er.de>

scripts/lua/header.lp

@@ -39,9 +39,6 @@ function in_array (val, tab)
     return false
 end
 
--- Connection is considered secure if running natively on HTTPS
-is_secure = mg.request_info.https
-
 -- Variable to check if user is already authenticated
 is_authenticated = mg.request_info.is_authenticated