The first thing is I'm not receiving any error and my website is working, apparently, well.
I just built a webapp using ReactJS and I serve it using ExpressJS. I decided to start using HTTPS and set the server in that way:
let fs = require('fs');
let express = require('express')
let http = require('http')
let https = require('https')
let config = require('config')
let server = express()
let privateKey = fs.readFileSync('./config/key.pem', 'utf8')
let certificate = fs.readFileSync('./config/cert.pem', 'utf8')
let credentials = { key: privateKey, cert: certificate, passphrase: config.sslPhrase }
let httpServer = http.createServer(server)
let httpsServer = https.createServer(credentials, server)
//Some routes...
httpServer.listen(80)
httpsServer.listen(443)
My server is running as I expect, with just one exception:
What I was expecting is:
I dont have any confidential data in my site neither cookies, there isn't any field of type password.
There are lots of tutorial explaining how to implement HTTPS on your site, but even in those tutorials they are showing the same result. It is not what I was expecting.
So part of my question is: Why is it happenning? The second part is: What should I do?
via Facundo La Rocca
No comments:
Post a Comment