express-https-redirect

Express middleware that redirects non-secure access to HTTPS (optimized for Azure and AWS).

express-https-redirect

Express middleware that redirects non-secure access to HTTPS (optimized for Azure and AWS).

Description

When you deploy an express-based application to a cloud service such as Azure or AWS, you are not afforded a direct connection as you would when deploying to a server you control. Azure, for example, routes requests to your application via a named pipe instead of a port number.

This makes the determination of whether or not your users are accessing your site using HTTP versus HTTPS slightly more difficult. This simple module helps with that and redirects any non-secure traffic to an HTTPS connection.

By default, the espress-https-redirectmodule does not redirect to HTTPS when running on a localhost as that is typically not secured with an SSL certificate. You can change this by setting the redirectLocalhostparameter in your app.usecall.

Installation

$ npm install express-https-redirect --save

Usage

var express = require('express');
var httpsRedirect = require('express-https-redirect');
var app = express();
app.use('/', httpsRedirect());

If you also want localhost requests to be redirected, do the following:

app.use('/', httpsRedirect(true));

License

(The MIT License)

Copyright (c) 2015 Buchanan & Edwards

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

HomePage

https://github.com/buchanan-edwards/express-https-redirect

Repository

https://github.com/buchanan-edwards/express-https-redirect.git


上一篇:f2e-middle-rollup
下一篇:sleepless

相关推荐

  • 🙋Hanjst汉吉斯特改进+enSafeExpression安全表达式等

    Hanjst汉吉斯特模版语言及模版引擎,近期持续改进升级。 这次改进主要是增加了对安全输出表达式兼容,由于涉及到对软件开发过程中的效率和软件运行效率的平衡和取舍,所以多写了几句,以描述这个权衡利弊对...

    10 天前
  • 项目总结 - 构建vue cli3.0+express项目

    简介:本篇是记录搭建流程,不过多叙述,搭建的细节,主要以前端为主,项目是主要是为了重构前端代码,后端代码完全复用,还会有篇主要讲node项目的搭建 项目背景: 开发环境前后端同时实现热加载...

    2 年前
  • 面试专用:Http和Https之间的区别,及原理分析

    关于HTTP和HTTPS文章原理及分析,我相信已经有很多了,深入的原理我就不一一写出来了。 写这篇文章的目的主要是为了解决面试过程关于HTTP和HTTPS常见问题及怎样用自己话更好的描述出来了。

    2 个月前
  • 通过讲故事的方式让你理解,对称密钥加密,非对称称密钥加密和HTTPS等

    在讲HTTPS之前我们先聊一下密码学的简单知识,因为密码学还是比较复杂的学科,这里就简单的介绍一些概念,但是这些概念对理解HTTPS有很大的帮助。 在密码学中,常用Alice和Bob这两个名字进行举...

    5 个月前
  • 通过变量来使用next()在expressjs未来中间件

    cchamberlainuser2791897(https://stackoverflow.com/users/769871/cchamberlain)提出了一个问题:passing variable...

    2 年前
  • 这一次,彻底理解https原理

    我的github/blog,若star,无比感谢 建议电脑观看,图有点挤,手机屏幕太小可能看不清楚。 放轻松 作为一个前端er,你总会在学习或工作中,听到这样的声音:什么是https?你对http...

    5 个月前
  • 这一次,彻底理解 https 原理

    我的github/blog,若star,无比感谢 建议电脑观看,图有点挤,手机屏幕太小可能看不清楚。 放轻松 作为一个前端er,你总会在学习或工作中,听到这样的声音:什么是https?你对http...

    5 个月前
  • 记一次使用Fiddler抓包工具抓取Https协议数据的踩坑过程

    前言 记得从刚入门前端第一天开始,当时的师傅就跟我介绍了一个可以抓取一些必须要在微信浏览器打开的链接的工具Fiddler,主要用来抓取这些网页的源码,确实是非常好用,当然后来知道有了微信开发者工具...

    2 年前
  • 笔记:解读express 4.x源码

    此为裁剪过的笔记版本。 原文在此:https://segmentfault.com/a/11...(https://segmentfault.com/a/1190000000577149) 感谢@...

    2 年前
  • 确保Web安全的 HTTPS

    写下前面阅读这篇文章可能需要20分钟,但能了解关于HTTPS的SSL、CA、密钥加密之间的关系。HTTP的缺点HTTP主要有这些不足,列举如下:通信使用明文(不加密),内容可能会被窃听不验证通信方的身...

    2 个月前

官方社区

扫码加入 JavaScript 社区