如何在 Express.js 中强制使用 SSL/https [英] How to force SSL / https in Express.js

问题描述

我正在尝试为 Express.js 创建一个中间件，以将所有非安全(端口 80)流量重定向到安全 SSL 端口(443).不幸的是，Express.js 请求中没有信息可以让您确定请求是通过 http 还是 https 发出的.

I am trying to create a middleware for Express.js to redirect all non-secure (port 80) traffic to the secured SSL port (443). Unfortunately there is no information in an Express.js request that lets you determine if the request comes over http or https.

一种解决方案是重定向每个请求，但这不是我的选择.

One solution would be to redirect every request but this is not an option for me.

注意事项:

1. 不可能用 Apache 或其他东西来处理它.必须在节点中完成.

在应用程序中只能启动一个服务器.

Only one server can be fired up in the application.

你会如何解决这个问题?

How would you solve that?

推荐答案

自从我在 nginx 上工作以来，我可以访问标头的 x-forwarded-proto 属性，因此我可以编写一个微型中间件来重定向所有流量，如此处所述: http://elias.kg/post/14971446990/force-ssl-with-express-js-on-heroku-nginx

Since I was working on nginx, I had access to the header's x-forwarded-proto property so I could write a tiny middleware to redirect all traffic as described here: http://elias.kg/post/14971446990/force-ssl-with-express-js-on-heroku-nginx

更新了网址

这篇关于如何在 Express.js 中强制使用 SSL/https的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！