发表新帖
发表新帖

How to permanently redirect `http://` and `www.` URLs to `https://`?

后端 未结
关注
6 1144
粉色の甜心
粉色の甜心 2020-12-24 11:34

I have a Google App Engine project. On this project I have setup a custom domain and an SSL certificate. Therefore, I can use https://www.mysite.xxx, http

相关标签:
6条回答
  • 春和景丽
    2020-12-24 12:07

    So you can add "secure: always" to your yaml file

    https://cloud.google.com/appengine/docs/python/config/appconfig?hl=en#Python_app_yaml_Secure_URLs

    0 讨论(0)
  • 难免孤独
    2020-12-24 12:08

    It should be done in your application. Please check this post https://stackoverflow.com/a/54289378/5293578

    I've tried the following code and it worked for me (You must put this before the default request and error handler):

    /**==== File: server.js =======**/

/** Express configuration **/

// HTTPS Redirection
if (process.env.NODE_ENV === 'production') {
  app.use (function (req, res, next) {
    var schema = (req.headers['x-forwarded-proto'] || '').toLowerCase();
    if (schema === 'https') {
      next();
    } else {
      res.redirect('https://' + req.headers.host + req.url);
    }
  });
}

/** ... more configuration **/

// Default request handler
app.use(function(req, res, next) {
  // ... your code
});

// Default error handler
app.use(function(err, req, res, next) {
  // ... your code
});
    0 讨论(0)
  • 北恋
    2020-12-24 12:17

    Just in case, it is not possible to include secure handlers in app.yaml on App Engine Flexible, there isn't support for them:

    The secure setting under handlers is now deprecated for the App Engine flexible environment. If you need SSL redirection, you can update your application code and use the X-Forwarded-Proto header to redirect http traffic. (Reference: https://cloud.google.com/appengine/docs/flexible/java/upgrading#appyaml_changes)

    The reference is from Java, but it seems to be the same for Node. I've tried to include handlers and it didn't work.

    As you can see, a possible solution would be to "use X-Forwarded-Proto header to redirect http traffic". I haven't tried this because I will move to App Engine Standard, but someone has done it and explained here.

    0 讨论(0)
  • 时光说笑
    2020-12-24 12:23

    For the sake of completeness. The Java way is to set the transport guarantee to confidential like this.

    <security-constraint>
  <web-resource-collection>
    <web-resource-name>profile</web-resource-name>
    <url-pattern>/profile/*</url-pattern>
  </web-resource-collection>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>

    You can also find this here in the documentation.

    0 讨论(0)
  • 迷失自我
    2020-12-24 12:28

    In case your domain is purchased or transferred to Google Domain then you could do it in G-Suite under the Synthetic records section:

    0 讨论(0)
  • 臣服心动
    2020-12-24 12:30

    (For Node at least,) in your app.yaml, add the following:

    handlers:
- url: /.*
  secure: always
  redirect_http_response_code: 301
  script: auto

    Reference: https://cloud.google.com/appengine/docs/standard/nodejs/config/appref

    0 讨论(0)
 看不清?
提交回复
热议问题