Commit 4245797c authored by Jesse Hallam's avatar Jesse Hallam Committed by Harrison Healey

redirect, vs. proxy, 80->443 without LE enabled (#9020)

The code incorrectly got refactored to proxy instead of forward, deviating from the behaviour when LE is enabled.
parent c371ae4d
...@@ -92,15 +92,23 @@ func (cw *CorsWrapper) ServeHTTP(w http.ResponseWriter, r *http.Request) { ...@@ -92,15 +92,23 @@ func (cw *CorsWrapper) ServeHTTP(w http.ResponseWriter, r *http.Request) {
const TIME_TO_WAIT_FOR_CONNECTIONS_TO_CLOSE_ON_SERVER_SHUTDOWN = time.Second const TIME_TO_WAIT_FOR_CONNECTIONS_TO_CLOSE_ON_SERVER_SHUTDOWN = time.Second
func redirectHTTPToHTTPS(w http.ResponseWriter, r *http.Request) { // golang.org/x/crypto/acme/autocert/autocert.go
if r.Host == "" { func handleHTTPRedirect(w http.ResponseWriter, r *http.Request) {
http.Error(w, "Not Found", http.StatusNotFound) if r.Method != "GET" && r.Method != "HEAD" {
http.Error(w, "Use HTTPS", http.StatusBadRequest)
return
} }
target := "https://" + stripPort(r.Host) + r.URL.RequestURI()
http.Redirect(w, r, target, http.StatusFound)
}
url := r.URL // golang.org/x/crypto/acme/autocert/autocert.go
url.Host = r.Host func stripPort(hostport string) string {
url.Scheme = "https" host, _, err := net.SplitHostPort(hostport)
http.Redirect(w, r, url.String(), http.StatusFound) if err != nil {
return hostport
}
return net.JoinHostPort(host, "443")
} }
func (a *App) StartServer() error { func (a *App) StartServer() error {
...@@ -182,7 +190,7 @@ func (a *App) StartServer() error { ...@@ -182,7 +190,7 @@ func (a *App) StartServer() error {
defer redirectListener.Close() defer redirectListener.Close()
server := &http.Server{ server := &http.Server{
Handler: handler, Handler: http.HandlerFunc(handleHTTPRedirect),
ErrorLog: a.Log.StdLog(mlog.String("source", "forwarder_server")), ErrorLog: a.Log.StdLog(mlog.String("source", "forwarder_server")),
} }
server.Serve(redirectListener) server.Serve(redirectListener)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment