diff --git a/lib/insecure-server.js b/lib/insecure-server.js index ce08c75..359fed9 100644 --- a/lib/insecure-server.js +++ b/lib/insecure-server.js @@ -43,7 +43,7 @@ module.exports.create = function (securePort, insecurePort, info, serverCallback // needs ECDSA? console.warn('HARD-CODED HTTPS EXCEPTION in insecure-server.js'); - if (/redirect-www.org/.test(host) && useAppInsecurely(req, res)) { + if (/redirect-www.org$/.test(host) && useAppInsecurely(req, res)) { return true; } diff --git a/lib/no-www.js b/lib/no-www.js index 1db8056..d7d8fba 100644 --- a/lib/no-www.js +++ b/lib/no-www.js @@ -20,8 +20,9 @@ module.exports.scrubTheDub = function (req, res, redirectives) { return false; } } else { - newLocation = 'https://' + hostname.replace(/^www\./, '') + req.url; + newLocation = 'https://' + hostname.replace(/^www\./, ''); } + newLocation += req.url; safeLocation = escapeHtml(newLocation); var metaRedirect = ''