问题描述
我正在尝试为Express.js创建一个中间件,将所有非安全(端口80)流量重定向到安全的SSL端口(443)。
不幸的是,在Express.js请求中没有信息可以让您确定请求是否通过http或https。
I am trying to create a middleware for Express.js to redirect all non-secure (port 80) traffic to the secured SSL port (443).Unfortunately there is no information in an Express.js request that lets you determine if the request comes over http or https.
一个解决方案是将每个请求,但这不是我的选择。
One solution would be to redirect every request but this is not an option for me.
注意:
-
没有可能用Apache或其他东西来处理它。
There is no possibility to handle it with Apache or something else. It has to be done in node.
只有一个服务器可以在应用程序中启动
Only one server can be fired up in the application.
您将如何解决?
推荐答案
由于我正在使用nginx,因此我可以访问头文件的x-forwarding-proto属性,因此我可以编写一个小型中间件来重定向所有流量,如下所述:
Since I was working on nginx, I had access to the header's x-forwarded-proto property so I could write a tiny middleware to redirect all traffic as described here: http://elias.kg/post/14971446990/force-ssl-with-express-js-on-heroku-nginx
编辑:更新网址
这篇关于如何在Express.js中强制SSL / https的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!