mirror of https://github.com/calzoneman/sync.git
Centralize x-forwarded-proto handling; fixes #542
This commit is contained in:
parent
1f9e396e05
commit
27af66075e
|
@ -29,14 +29,7 @@ function merge(locals, res) {
|
||||||
|
|
||||||
function getBaseUrl(res) {
|
function getBaseUrl(res) {
|
||||||
var req = res.req;
|
var req = res.req;
|
||||||
var proto;
|
return req.realProtocol + "://" + req.header("host");
|
||||||
if (["http", "https"].indexOf(req.header("x-forwarded-proto")) >= 0) {
|
|
||||||
proto = req.header("x-forwarded-proto");
|
|
||||||
} else {
|
|
||||||
proto = req.protocol;
|
|
||||||
}
|
|
||||||
|
|
||||||
return proto + "://" + req.header("host");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -22,9 +22,19 @@ export default function initialize(app, webConfig) {
|
||||||
return req.ip;
|
return req.ip;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function getForwardedProto(req) {
|
||||||
|
const xForwardedProto = req.header('x-forwarded-proto');
|
||||||
|
if (xForwardedProto && xForwardedProto.match(/^https?$/)) {
|
||||||
|
return xForwardedProto;
|
||||||
|
} else {
|
||||||
|
return req.protocol;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
app.use((req, res, next) => {
|
app.use((req, res, next) => {
|
||||||
if (isTrustedProxy(req.ip)) {
|
if (isTrustedProxy(req.ip)) {
|
||||||
req.realIP = getForwardedIP(req);
|
req.realIP = getForwardedIP(req);
|
||||||
|
req.realProtocol = getForwardedProto(req);
|
||||||
}
|
}
|
||||||
|
|
||||||
next();
|
next();
|
||||||
|
|
|
@ -31,7 +31,8 @@ function initializeLog(app) {
|
||||||
* Redirects a request to HTTPS if the server supports it
|
* Redirects a request to HTTPS if the server supports it
|
||||||
*/
|
*/
|
||||||
function redirectHttps(req, res) {
|
function redirectHttps(req, res) {
|
||||||
if (!req.secure && Config.get('https.enabled') && Config.get('https.redirect')) {
|
if (req.realProtocol !== 'https' && Config.get('https.enabled') &&
|
||||||
|
Config.get('https.redirect')) {
|
||||||
var ssldomain = Config.get('https.full-address');
|
var ssldomain = Config.get('https.full-address');
|
||||||
if (ssldomain.indexOf(req.hostname) < 0) {
|
if (ssldomain.indexOf(req.hostname) < 0) {
|
||||||
return false;
|
return false;
|
||||||
|
|
Loading…
Reference in New Issue