Skip to content

Latest commit

 

History

History
67 lines (43 loc) · 1.98 KB

README.md

File metadata and controls

67 lines (43 loc) · 1.98 KB

redirect-ssl

Enforce HTTPS on your Nuxt app with Koa or Express backend

Usage

Install package

yarn add @ax2/redirect-ssl

Require and use middleware (Make sure adding it as the first in the chain)

const redirectSSL = require('redirect-ssl')

// Add middleware
app.use(redirectSSL)

// Or if want to provide options
app.use(redirectSSL.create({ redirectPort: 8443 }))

Options

xForwardedProto

  • Default: true

Trust and check x-forwarded-proto header for HTTPS detection.

redirect

  • Default: process.env.NODE_ENV === 'production'

Only enabled in production environment. Force redirecting locally by setting this option to true.

redirectPort

  • Default: 443

Redirect users to this port for HTTPS. (:443 is omitted from URL as is default for https:// schema)

redirectHost

  • Default: undefined

Redirects using this value as host, if omitted will use request host for redirects.

NOTE It should not contain schema or trailing slashes. (Example: google.com)

redirectUnknown

  • Default: true

Redirect when no SSL detection method is available too. disable this option if you encounter redirect loops.

Status Code

  • Default: 307 Temporary Redirect

Status code when redirecting. The reason of choosing 307 for default is:

  • It prevents changing method from POST TO GET by user agents. (If you don't care, use 302 Found)
  • Is temporary so if for any reason HTTPS disables on server clients won't hurt. (If you need permanent, use 308 Permanent Redirect or 301 Moved Permanently)
  • See This question, 307 on MDN, and RFC 7231 section 6.4.7 for more info.

exclude

  • Default: [] An array of routes patterns for which redirection should be disabled.

License

MIT - Ax2