This is very interesting and easy to understand. It seems unlikely to me that anyone would setup nginx in this way for anything of importance though. A very simple solution to all the problems mentioned would be to use https (with certificate verification) for the proxy protocol. There is more operational overhead to the certificate management of course. But for production stuff it is most certainly worth it.