Fixed #25302 (again) -- Ignored scheme when checking for bad referers.

The check introduced in 4ce433e8 was too strict in real life. The poorly
implemented bots this patch attempted to ignore are sloppy when it comes
to http vs. https.