Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure Https protocol for serving brotli #52

Open
nksfrank opened this issue May 7, 2022 · 1 comment
Open

Ensure Https protocol for serving brotli #52

nksfrank opened this issue May 7, 2022 · 1 comment
Labels
wontfix

Comments

@nksfrank
Copy link

nksfrank commented May 7, 2022

one of the requirements for serving brotli encryption is a https protocol.

right now, when setting up express-static-gzip with brotli enabled, any request not over https fails.

would it be possible to verify req protocol is https before trying to serve .br files?
@tkoenig89
Copy link
Owner

tkoenig89 commented May 11, 2022
edited
Loading

I have thought about this in the past already, and decided, that enforcing a protocol is not the task of this middlware. As express-static-gzip supports multiple/any comporessions the developer should be responsible for prerequisits that come with any of these.

Specific on your https case, i wonder why not always use https and therefore enforce it on all endpoints as https has become the defacto standard since the snowden revelations.

If you just want to ensure compressed files are send on https i would recommend adding a simple 'middleware' on top. For example like this pseudo code example:

app.use("/files", () => ensureHttps());
app.use("/files", expressStaticGzip");

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
wontfix
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tkoenig89 @nksfrank