The if statement we added does exactly what you'd think, it checks the HTTP_X_FORWARDED_PROTO header sent by Apache to see if it is equal to 'https'.
WordPress HTTPS features an is_ssl() function which extends the regular functionality of WordPress' built-in is_ssl() function. There are a few cases when using Shared SSL and proxies that WordPress' is_ssl() function doesn't recognize, such as the case you pointed out, so it returns false.
If the page is HTTP and 'Force SSL' is enabled for that page, the plugin will redirect the page to HTTPS.
If the Force SSL Exclusively option is enabled and the page is hit as HTTPS and it does not have the Force SSL checkbox checked, it will redirect to HTTP.
Problems arise when you try to hit the page on HTTPS, the plugin says that it's not HTTPS because the is_ssl() function returns false, so the plugin attempts to redirect the page to HTTPS over and over again, causing a redirect loop.