diff --git a/lib/middleware/production.js b/lib/middleware/production.js
index b74f68334..a32f34546 100644
--- a/lib/middleware/production.js
+++ b/lib/middleware/production.js
@@ -14,6 +14,10 @@ function production(req, res, next) {
 console.log(req.headers)
 // Redirect to HTTPS if page requested over HTTP
+ // This relies on the X-Forwarded-Proto HTTP header as hosts
+ // like Heroku place apps behind a load balance which uses HTTPS
+ // internally. The X-Forwarded-Proto reveals the protocol of the
+ // original request.
 if (req.headers['x-forwarded-proto'] === 'http') {
 return res.redirect(302, 'https://' + req.get('Host') + req.url)
 } else {
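Review bot: The added comment explains why `x-forwarded-proto` is read but leaves out the trust assumption: the header only means something when a proxy in front of the app sets or overwrites it, and because the test is `=== 'http'`, a request that arrives without the header takes the `else` branch (its body is outside the hunk) instead of being redirected. I would add a line such as `// Only valid behind a proxy that sets X-Forwarded-Proto; requests without the header are not redirected.` and correct "load balance" to "load balancer". The redirect target on the following line is built from the client-supplied `Host` header, so checking it against a configured hostname before redirecting is worth a follow-up. The `console.log(req.headers)` context line at the top of the hunk would also write cookies and authorization headers to the logs if it ships as is. The body of `production()` starts and ends outside the hunk.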