HTTP引擎上的HTTPS重定向 [英] HTTP to HTTPS redirection on App Engine
问题描述
我遵循了以下答案:从http重定向到https在谷歌云),但它似乎不再是准确的。所引用的锚点( https:/ /cloud.google.com/appengine/docs/flexible/nodejs/configuring-your-app-with-app-yaml#security )似乎已被移除,但没有替换记录。
I've followed the answer of this: Redirect from http to https in google cloud but it does not seem to be currently accurate any more. The anchor referenced ( https://cloud.google.com/appengine/docs/flexible/nodejs/configuring-your-app-with-app-yaml#security ) seems to have been removed but without a note of a replacement.
作为参考,我通过Google App(flex)引擎提供NodeJS服务。根据我在 app.yaml
中得到的答案:
For reference, I am serving NodeJS over a Google App (flex) Engine. As per the answer I've got in my app.yaml
:
handlers:
- url: /.*
script: IGNORED
secure: always
由于HTTPS在击中我的Express引擎之前显然已终止(并且在那里重定向将无用);它是如何正确实施的?
Since HTTPS is obviously terminated before it hits my Express engine (and redirection on there would be useless); how is it currently correctly implemented?
可能有帮助,我通过控制台中的自定义域选项卡连接了一个外部域,并且确实配置了SSL证书(所以如果用户手动进入https://.com,一切都很好)
Potentially helpful, I have an external domain attached via the "Custom domains" tab in the console, and there is indeed a SSL certificate configured (so if a user manually goes to https://.com everything is fine)
推荐答案
灵活的环境目前不支持app.yaml中的处理程序。如果你想要https://重定向,你有几个选择:
The flexible environment does not current support handlers in the app.yaml. If you want https:// redirection, you have a few options:
- Use helmet to do to HSTS stuff for you, and implement your own initial redirect.
- I wrote a happy little library to always forces SSL on all routes for express yes-https
默认情况下,我们正在考虑自动将所有流量流量重定向到SSL。你认为这对你的应用会是一件好事吗?
We are considering auto-redirecting all traffic to SSL by default. Do you think that would be a good thing for your apps?
这篇关于HTTP引擎上的HTTPS重定向的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!