在Heroku托管的节点应用上,我想将所有HTTP流量重定向到HTTPS而不运行单独的应用服务器。
之前的帖子Automatic HTTPS connection/redirect with node.js/express建议设置iptables
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 3000
我不是很专家 - 但是有谁知道如何在Heroku上做这个?目标是将http路由到https - 无论以最有效的方式实现这一点。
谢谢!
答案 0 :(得分:2)
我在Express中检查https并在必要时重定向:
(你使用Express吗?)
function requireSecure(req, res, next){
if(!req.secure){
var port = app.myConfig.httpsPort || 443;
if(port != 443){
res.redirect('https://'+req.host+':'+port+req.originalUrl);
console.log('redirecting to https://'+req.host+':'+port+req.originalUrl);
} else {
res.redirect('https://'+req.host+req.originalUrl);
console.log('redirecting to https://'+req.host+req.originalUrl);
};
} else {
next();
};
}
// place before any other route to ensure all requests https
app.all('*', requireSecure);
// You can instead protect individual routes like this:
app.get('/account'
, requireSecure
, function(req, res, next){
res.send(200, 'This route is definitely secure!')
});
// I THINK (but haven't tested,) that you can also place this
// function as middleware in Express's stack, above your router
// (but possibly below the static files handler, if you don't need https for those)
app.configure(function(){
app.set('views', __dirname + '/views');
app.set('view options', {layout:false});
app.set('view engine', 'jade');
app.use(requireSecure);
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(app.router);
app.use(express.static(__dirname + '/public'));
});
// Listen to both http and https protocols:
var http = require('http');
var https = require('https');
http.createServer(app).listen(80);
https.createServer(options, app).listen(443);