我正在试图弄清楚如何使用ìris`和https://iris-go.com/v10/recipe#Secure57库来构建我的golang应用程序来实现这一目标。该应用程序托管在GCE上,具有工作的ssl负载均衡器。
这是我的应用:
s := secure.New(secure.Options{
AllowedHosts: []string{"mydomain.io"},
SSLRedirect: true,
SSLTemporaryRedirect: false,
SSLHost: "",
SSLProxyHeaders: map[string]string{"X-Forwarded-Proto": "https"},
STSSeconds: 315360000,
STSIncludeSubdomains: true,
STSPreload: true,
ForceSTSHeader: false,
FrameDeny: true,
CustomFrameOptionsValue: "SAMEORIGIN",
ContentTypeNosniff: true,
BrowserXSSFilter: true,
ContentSecurityPolicy: "default-src *; style-src *; https://fonts.googleapis.com/css?family=Roboto+Mono:400,100,300italic,300,100italic,400italic,500,500italic,700,700italic&subset=latin,cyrillic",
PublicKey: ``,
IsDevelopment: false,
})
app := iris.New()
app.Use(s.Serve)
app.Use(recover.New())
当我在浏览器中键入mydomain.io时,它不会将其转发到https。缺少什么?
答案 0 :(得分:0)
这里没有使用secure中间件的情况,你只需要第二个web服务器来重定向所有:80到:443,Iris也有例子,看看:{{3 }}
// to start a new server listening at :80 and redirects
// to the secure address, then:
target, _ := url.Parse("https://127.0.1:443")
go host.NewProxy("127.0.0.1:80", target).ListenAndServe()
// start the server (HTTPS) on port 443, this is a blocking func,
// you can use iris.AutoTLS for letsencrypt if you want so.
app.Run(iris.TLS("127.0.0.1:443", "mycert.cert", "mykey.key"))
玩得开心!