mirror of https://github.com/calzoneman/sync.git
Centralize x-forwarded-proto handling; fixes #542
This commit is contained in:
parent
1f9e396e05
commit
27af66075e
|
@ -29,14 +29,7 @@ function merge(locals, res) {
|
|||
|
||||
function getBaseUrl(res) {
|
||||
var req = res.req;
|
||||
var proto;
|
||||
if (["http", "https"].indexOf(req.header("x-forwarded-proto")) >= 0) {
|
||||
proto = req.header("x-forwarded-proto");
|
||||
} else {
|
||||
proto = req.protocol;
|
||||
}
|
||||
|
||||
return proto + "://" + req.header("host");
|
||||
return req.realProtocol + "://" + req.header("host");
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -22,9 +22,19 @@ export default function initialize(app, webConfig) {
|
|||
return req.ip;
|
||||
}
|
||||
|
||||
function getForwardedProto(req) {
|
||||
const xForwardedProto = req.header('x-forwarded-proto');
|
||||
if (xForwardedProto && xForwardedProto.match(/^https?$/)) {
|
||||
return xForwardedProto;
|
||||
} else {
|
||||
return req.protocol;
|
||||
}
|
||||
}
|
||||
|
||||
app.use((req, res, next) => {
|
||||
if (isTrustedProxy(req.ip)) {
|
||||
req.realIP = getForwardedIP(req);
|
||||
req.realProtocol = getForwardedProto(req);
|
||||
}
|
||||
|
||||
next();
|
||||
|
|
|
@ -31,7 +31,8 @@ function initializeLog(app) {
|
|||
* Redirects a request to HTTPS if the server supports it
|
||||
*/
|
||||
function redirectHttps(req, res) {
|
||||
if (!req.secure && Config.get('https.enabled') && Config.get('https.redirect')) {
|
||||
if (req.realProtocol !== 'https' && Config.get('https.enabled') &&
|
||||
Config.get('https.redirect')) {
|
||||
var ssldomain = Config.get('https.full-address');
|
||||
if (ssldomain.indexOf(req.hostname) < 0) {
|
||||
return false;
|
||||
|
|
Loading…
Reference in New Issue