Skip to content

Commit

Permalink
Add http to https redirect
Browse files Browse the repository at this point in the history
  • Loading branch information
akclace committed Dec 20, 2024
1 parent fafcf4b commit 02c8210
Show file tree
Hide file tree
Showing 3 changed files with 37 additions and 8 deletions.
35 changes: 31 additions & 4 deletions internal/server/router.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (
"encoding/json"
"fmt"
"io"
"net"
"net/http"
"os"
"runtime/debug"
Expand Down Expand Up @@ -116,16 +117,17 @@ func NewUDSHandler(logger *types.Logger, config *types.ServerConfig, server *Ser
// authentication is enabled. It also mounts the internal APIs if admin over TCP is enabled
func NewTCPHandler(logger *types.Logger, config *types.ServerConfig, server *Server) *Handler {
router := chi.NewRouter()
router.Use(server.handleStatus)
router.Use(panicRecovery)

handler := &Handler{
Logger: logger,
config: config,
server: server,
router: router,
}

if config.Http.RedirectToHttps {
router.Use(handler.httpsRedirectMiddleware)
}
router.Use(server.handleStatus)
router.Use(panicRecovery)
router.Use(middleware.Logger)
router.Use(AddVaryHeader)
router.Use(middleware.CleanPath)
Expand All @@ -148,6 +150,31 @@ func NewTCPHandler(logger *types.Logger, config *types.ServerConfig, server *Ser
return handler
}

// httpsRedirectMiddleware checks if the request was made using HTTP (no TLS)
// and redirects it to the HTTPS version of the URL if so.
func (h *Handler) httpsRedirectMiddleware(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.TLS == nil {
u := *r.URL
u.Scheme = "https"
u.Host = r.Host

host, _, err := net.SplitHostPort(r.Host)
if err == nil {
// update https port
u.Host = fmt.Sprintf("%s:%d", host, h.server.config.Https.Port)
}

// Redirect to the HTTPS version of the URL
http.Redirect(w, r, u.String(), http.StatusPermanentRedirect) // 308 (301 does not keep method)
return
}

// If it's already HTTPS, just proceed
next.ServeHTTP(w, r)
})
}

func (h *Handler) callApp(w http.ResponseWriter, r *http.Request) {
h.Debug().Str("method", r.Method).Str("url", r.URL.String()).Msg("App Received request")

Expand Down
5 changes: 3 additions & 2 deletions internal/system/clace.default.toml
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,9 @@ default_format = "table" # default output format for the client commands

# HTTP port binding related Config
[http]
host = "127.0.0.1" # bind to localhost by default for HTTP
port = 25222 # default port for HTTP
host = "127.0.0.1" # bind to localhost by default for HTTP
port = 25222 # default port for HTTP
redirect_to_https = false # redirect HTTP to HTTPS

# HTTPS port binding related Config
[https]
Expand Down
5 changes: 3 additions & 2 deletions internal/types/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -144,8 +144,9 @@ type PluginContext struct {

// HttpConfig is the configuration for the HTTP server
type HttpConfig struct {
Host string `toml:"host"`
Port int `toml:"port"`
Host string `toml:"host"`
Port int `toml:"port"`
RedirectToHttps bool `toml:"redirect_to_https"`
}

// HttpsConfig is the configuration for the HTTPs server
Expand Down

0 comments on commit 02c8210

Please sign in to comment.