coolaj86
/
redirect-https.js
1
0
Fork 0
Code Issues Pull Requests Releases Activity
redirect-https.js/README.md

36 lines
977 B
Markdown
Raw Normal View History

Update README.md
2015-06-19 15:33:15 +00:00
# redirect-https
Initial commit
2015-06-19 15:15:45 +00:00
Redirect from HTTP to HTTPS using meta redirects
Update README.md
2015-06-19 15:33:15 +00:00
```bash
npm install --save redirect-https
```
```javascript
var http = require('http');
var server = http.createServer();
server.on('request', require('redirect-https')({
port: 443
, body: '<!-- Hello! Please use HTTPS instead -->'
}));
```
# Why meta redirects?
When something is broken (i.e. insecure), you don't want it to kinda work, you want developers to notice.
Using a meta redirect will break requests from `curl` and api calls from a programming language, but still have all the SEO and speed benefits of a normal `301`.
```html
<html><head>
<meta http-equiv="refresh" content="0;URL='https://example.com/foo'" />
</head><body>
<!-- Hello Mr. Developer! Please use https instead. Thank you! -->
</html>
```
# Other strategies
If your application is properly separated between static assets and api, then it would probably be more beneficial to return a 200 OK with an error message inside