redirect-https.js/index.js

'use strict';

module.exports = function (opts) {
  var escapeHtml = require('escape-html');

  if (!opts) {
    opts = {};
  }
  if (isNaN(opts.port)) {
    opts.port = 443;
  }
  if (!('body' in opts)) {
    opts.body = "<!-- Hello Mr Developer! We don't serve insecure resources around here."
      + "\n    Please use HTTPS instead. -->";
  }
  opts.body = opts.body.replace(/{{\s+PORT\s+}}/i, opts.port);

  return function (req, res, next) {
    if (req.connection.encrypted
      || 'https' === req.protocol
      || (opts.trustProxy && 'https' === req.headers['x-forwarded-proto'])
    ) {
      next();
      return;
    }

    var url = req.url;
    var host = req.headers.host || '';
    var newLocation = 'https://'
      + host.replace(/:\d+/, ':' + opts.port) + url
      ;
    //var encodedLocation = encodeURI(newLocation);
    var escapedLocation = escapeHtml(newLocation);
    var body = opts.body
          .replace(/{{\s*HTML_URL\s*}}/ig, escapeHtml(decodeURIComponent(newLocation)))
          .replace(/{{\s*URL\s*}}/ig, escapedLocation)
          .replace(/{{\s*UNSAFE_URL\s*}}/ig, newLocation)
          ;

    var metaRedirect = ''
      + '<html>\n'
      + '<head>\n'
      //+ '  <style>* { background-color: white; color: white; text-decoration: none; }</style>\n'
      + '  <META http-equiv="refresh" content="0;URL=\'' + escapedLocation + '\'">\n'
      + '</head>\n'
      + '<body">\n' + body + '\n</body>\n'
      + '</html>\n'
      ;

    res.setHeader('Content-Type', 'text/html; charset=utf-8');
    res.end(metaRedirect);
  };
};
v1.0.0 2015-07-07 23:19:44 +00:00			`'use strict';`

			`module.exports = function (opts) {`
			`var escapeHtml = require('escape-html');`

			`if (!opts) {`
			`opts = {};`
			`}`
			`if (isNaN(opts.port)) {`
			`opts.port = 443;`
			`}`
			`if (!('body' in opts)) {`
			`opts.body = "<!-- Hello Mr Developer! We don't serve insecure resources around here."`
			`+ "\n Please use HTTPS instead. -->";`
			`}`
			`opts.body = opts.body.replace(/{{\s+PORT\s+}}/i, opts.port);`

			`return function (req, res, next) {`
			`if (req.connection.encrypted`
			`\|\| 'https' === req.protocol`
			`\|\| (opts.trustProxy && 'https' === req.headers['x-forwarded-proto'])`
			`) {`
			`next();`
			`return;`
			`}`

			`var url = req.url;`
			`var host = req.headers.host \|\| '';`
			`var newLocation = 'https://'`
			`+ host.replace(/:\d+/, ':' + opts.port) + url`
			`;`
			`//var encodedLocation = encodeURI(newLocation);`
			`var escapedLocation = escapeHtml(newLocation);`
			`var body = opts.body`
option for URI decoded, but still html escaped urls 2015-07-07 23:30:56 +00:00			`.replace(/{{\sHTML_URL\s}}/ig, escapeHtml(decodeURIComponent(newLocation)))`
v1.0.0 2015-07-07 23:19:44 +00:00			`.replace(/{{\sURL\s}}/ig, escapedLocation)`
			`.replace(/{{\sUNSAFE_URL\s}}/ig, newLocation)`
			`;`

			`var metaRedirect = ''`
			`+ '<html>\n'`
			`+ '<head>\n'`
			`//+ ' <style>* { background-color: white; color: white; text-decoration: none; }</style>\n'`
			`+ ' <META http-equiv="refresh" content="0;URL=\'' + escapedLocation + '\'">\n'`
			`+ '</head>\n'`
			`+ '<body">\n' + body + '\n</body>\n'`
			`+ '</html>\n'`
			`;`

			`res.setHeader('Content-Type', 'text/html; charset=utf-8');`
			`res.end(metaRedirect);`
			`};`
			`};`