I am trying to force redirect from HTTP to HTTPS, and have almost succeeded. Following other SO posts, I have this code :
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
app.use(function (req, res, next) {
if (req.header('x-forwarded-proto') === 'http' && process.env.NODE_ENV === 'production') {
console.log("redirecting to https : " + req.url);
res.redirect(301, 'https://' + 'website.com' + req.url);
return
}
next();
});
Everything gets redirected properly, EXCEPT the original hit, so when the client types 'website.com' in the browser bar, he is not redirected to HTTPS. I haven't been able to find why that happens.
via Storm
No comments:
Post a Comment