Connect/Express middleware to enforce https using is-https.
Install package:
yarn add redirect-ssl
# or
npm install redirect-ssl
Require and use redirect-ssl
. Make sure to use this middlware as the first in your middleware chain (if using express see middleware chain:
import redirectSSL from 'redirect-ssl'
// or
const redirectSSL = require('redirect-ssl')
// Add middleware
app.use(redirectSSL)
// Using custom options
app.use(redirectSSL.create({ redirectPort: 8443 }))
If you want to disable on localhost
, use the exclude option:
app.use(redirectSSL.create({
exclude: ['localhost']
}))
Only enable in production environments:
app.use(redirectSSL.create({
enabled: process.env.NODE_ENV === 'production'
}))
- Default:
true
Trust and check x-forwarded-proto
header for HTTPS detection.
- Default:
true
- Default:
443
Redirect users to this port for HTTPS. (:443
is omitted from URL as is default for https://
schema)
- Default:
req.headers.host
Redirects using this value as host, if omitted will use request host for redirects.
NOTE It should not contain schema or trailing slashes. (Example: google.com
)
- Default:
true
Redirect when no SSL detection method is available too. disable this option if you encounter redirect loops.
- Default:
307
Temporary Redirect
Status code when redirecting. The reason of choosing 307
for default is:
- It prevents changing method from
POST
TOGET
by user agents. (If you don't care, use302
Found) - Is temporary so if for any reason HTTPS disables on server clients won't hurt. (If you need permanent, use
308
Permanent Redirect or301
Moved Permanently) - See This question, 307 on MDN, and RFC 7231 section 6.4.7 for more info.
- Default:
[]
An array of routes patterns for which redirection should be disabled.
Using with Nuxt.js
Add the redirect-ssl
to the serverMiddleware
array within in the nuxt.config.js file is the preferred usage:
import redirectSSL from 'redirect-ssl'
export default {
serverMiddleware: [
redirectSSL.create({
enabled: process.env.NODE_ENV === 'production'
}),
]
}
You will still need to install this package within your project for it work.
MIT. Made with 💖