Nodejs HTTP和HTTPS在同一端口 [英] Nodejs HTTP and HTTPS over same port
问题描述
我已经google了,在stackoverflow看这里,但我找不到我喜欢的答案; - )
I've been googling and looking here at stackoverflow, but I can't find an answer I like ;-)
我有一个运行的NodeJS服务器HTTPS和端口3001.现在我想在端口3001上获取所有传入的HTTP请求,并将其重定向到相同的URL但是通过HTTPS。
I have a NodeJS server that runs over HTTPS and port 3001. Now I'd like to fetch all incoming HTTP requests on port 3001 and redirect them to the same URL but over HTTPS.
这必须是可能的。不是吗?
This must be possible. Isn't it?
谢谢!
推荐答案
如果遵循约定,则需要在同一个端口上收听
根据约定,当您请求 http://127.0.0.1 您的浏览器将尝试连接到端口80.如果您尝试打开 https://127.0.0.1 ,您的浏览器将尝试连接到端口443.所以要保护所有流量是传统的方式来听http端口80,重定向到 https ,其中我们已经有一个监听器用于https 443的端口。这里是代码:
You don't need to listen on same port if you follow convention
By convention when you request http://127.0.0.1 your browser will try to connect to port 80. If you try to open https://127.0.0.1 your browser will try to connect to port 443. So to secure all traffic it is simply conventional to listen to port 80 on http with a redirect to https where we already have a listener for https for port 443. Here's the code:
var https = require('https');
var fs = require('fs');
var options = {
key: fs.readFileSync('./key.pem'),
cert: fs.readFileSync('./cert.pem')
};
https.createServer(options, function (req, res) {
res.end('secure!');
}).listen(443);
// Redirect from http port 80 to https
var http = require('http');
http.createServer(function (req, res) {
res.writeHead(301, { "Location": "https://" + req.headers['host'] + req.url });
res.end();
}).listen(80);
使用https测试:
$ curl https://127.0.0.1 -k
secure!
使用http:
$ curl http://127.0.0.1 -i
HTTP/1.1 301 Moved Permanently
Location: https://127.0.0.1/
Date: Sun, 01 Jun 2014 06:15:16 GMT
Connection: keep-alive
Transfer-Encoding: chunked
如果您必须在同一端口上收听
在同一个端口上没有简单的方法让http / https侦听。你最好打算在一个简单的网络套接字上创建代理服务器,这个代理服务器根据传入连接的性质(http与https)进行管理(http或https)。
If you must listen on same port
There isn't simple way to have http / https listen on the same port. You best bet is to create proxy server on a simple net socket that pipes to (http or https) based on the nature of the incoming connection (http vs. https).
以下是完整的代码(基于 https://gist.github.com/bnoordhuis/4740141 )那。它监听localhost:3000并将其管道到http(这又将其重定向到https),或者如果进入连接在https中,则将其传递到https处理程序
Here is the complete code (based on https://gist.github.com/bnoordhuis/4740141) that does exactly that. It listens on localhost:3000 and pipes it to http (which in turn redirects it to https) or if the incomming connection is in https it just passes it to https handler
var fs = require('fs');
var net = require('net');
var http = require('http');
var https = require('https');
var baseAddress = 3000;
var redirectAddress = 3001;
var httpsAddress = 3002;
var httpsOptions = {
key: fs.readFileSync('./key.pem'),
cert: fs.readFileSync('./cert.pem')
};
net.createServer(tcpConnection).listen(baseAddress);
http.createServer(httpConnection).listen(redirectAddress);
https.createServer(httpsOptions, httpsConnection).listen(httpsAddress);
function tcpConnection(conn) {
conn.once('data', function (buf) {
// A TLS handshake record starts with byte 22.
var address = (buf[0] === 22) ? httpsAddress : redirectAddress;
var proxy = net.createConnection(address, function () {
proxy.write(buf);
conn.pipe(proxy).pipe(conn);
});
});
}
function httpConnection(req, res) {
var host = req.headers['host'];
res.writeHead(301, { "Location": "https://" + host + req.url });
res.end();
}
function httpsConnection(req, res) {
res.writeHead(200, { 'Content-Length': '5' });
res.end('HTTPS');
}
作为测试,如果您将其与https连接,您将获得https处理程序:
As a test, If you connect it with https you get the https handler:
$ curl https://127.0.0.1:3000 -k
HTTPS
如果您将其与http连接,您将获得重定向处理程序(只需将您转到https处理程序):
if you connect it with http you get the redirect handler (which simply takes you to the https handler):
$ curl http://127.0.0.1:3000 -i
HTTP/1.1 301 Moved Permanently
Location: https://127.0.0.1:3000/
Date: Sat, 31 May 2014 16:36:56 GMT
Connection: keep-alive
Transfer-Encoding: chunked
这篇关于Nodejs HTTP和HTTPS在同一端口的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
