add headerRedirect option

This commit is contained in:
Ryan Burnette 2018-09-07 15:30:29 -04:00
parent 11b1697d74
commit eda4179f64
2 changed files with 8 additions and 2 deletions

View File

@ -1,6 +1,6 @@
# redirect-https # redirect-https
Redirect from HTTP to HTTPS using meta redirects Redirect from HTTP to HTTPS
See <https://coolaj86.com/articles/secure-your-redirects/> See <https://coolaj86.com/articles/secure-your-redirects/>
@ -58,7 +58,7 @@ server.listen(insecurePort, function () {
}); });
``` ```
# Why meta redirects? # Meta redirect by default, but why?
When something is broken (i.e. insecure), you don't want it to kinda work, you want developers to notice. When something is broken (i.e. insecure), you don't want it to kinda work, you want developers to notice.

View File

@ -33,6 +33,7 @@ module.exports = function (opts) {
var newLocation = 'https://' var newLocation = 'https://'
+ host.replace(/:\d+/, ':' + opts.port) + url + host.replace(/:\d+/, ':' + opts.port) + url
; ;
//var encodedLocation = encodeURI(newLocation); //var encodedLocation = encodeURI(newLocation);
var escapedLocation = escapeHtml(newLocation); var escapedLocation = escapeHtml(newLocation);
var decodedLocation; var decodedLocation;
@ -41,6 +42,7 @@ module.exports = function (opts) {
} catch(e) { } catch(e) {
decodedLocation = newLocation; // "#/error/?error_message=" + e.toString(); decodedLocation = newLocation; // "#/error/?error_message=" + e.toString();
} }
var body = opts.body var body = opts.body
.replace(/{{\s*HTML_URL\s*}}/ig, escapeHtml(decodedLocation)) .replace(/{{\s*HTML_URL\s*}}/ig, escapeHtml(decodedLocation))
.replace(/{{\s*URL\s*}}/ig, escapedLocation) .replace(/{{\s*URL\s*}}/ig, escapedLocation)
@ -57,6 +59,10 @@ module.exports = function (opts) {
+ '</html>\n' + '</html>\n'
; ;
if (opts.headerRedirect) {
res.statusCode = opts.headerRedirect.responseCode || 302;
res.setHeader('Location', newLocation);
}
res.setHeader('Content-Type', 'text/html; charset=utf-8'); res.setHeader('Content-Type', 'text/html; charset=utf-8');
res.end(metaRedirect); res.end(metaRedirect);
}; };