programatic url rewrite http->https not working correctly

lwsjs / local-web-server

A lean, modular web server for rapid full-stack development.

MIT License

1.22k stars 86 forks source link

programatic url rewrite http->https not working correctly #76

Closed dkebler closed 6 years ago

dkebler commented 6 years ago

Below is my code. When I run this and type in the http request

trantor.645.kebler.net:8080

the http server does not rewrite the url but it does serve the files from https server at the above url insecurely without https.

If I put in the https url all is well https://trantor.645.kebler.net:8443

const LocalWebServer = require('local-web-server')
const https = new LocalWebServer()
const http = new LocalWebServer()

const CERT_PATH ='blah blah'
const CERT_NAME ='trantor.645.kebler.net'

const FILES_PATH ='blah blah'

http.listen({
  port: 8080,
  rewrite: '/* -> https://' + CERT_NAME + ':8443/$1'
})

https.listen({
  port: 8443,
  https: true,
  hostname: CERT_NAME,
  directory: FILES_PATH,
  spa: 'index.html',
  key: CERT_PATH + CERT_NAME + '.key',
  cert: CERT_PATH + CERT_NAME + '.crt'
})

dkebler commented 6 years ago

Maybe what I was hoping for was a redirect so I did it like below which works fine as expected but it would be nice if your module would have redirect build in. Not to hard just two lines in a handler

const LocalWebServer = require('local-web-server')
const https = new LocalWebServer()
const http = require('http');

const HTTP_PORT = 80
const HTTPS_PORT = 443

const CERT_PATH =''
const CERT_NAME ='trantor.645.kebler.net'

const FILES_PATH =''

// doesn't work as redirect
// http.listen({
//   port: HTTP_PORT,
//   rewrite: '/* -> https://' + CERT_NAME + '/$1'
// })

// use this
http.createServer(redirect).listen(HTTP_PORT)

function redirect (request, response) {
  response.writeHead(302,  {Location: 'https://' + request.headers.host + request.url})
  response.end()
}

// secure server
https.listen({
  port: HTTPS_PORT,
  https: true,
  hostname: CERT_NAME,
  directory: FILES_PATH,
  spa: 'index.html',
  key: CERT_PATH + CERT_NAME + '.key',
  cert: CERT_PATH + CERT_NAME + '.crt'
})

75lb commented 6 years ago

Hi, rewriting an incoming URL and returning a "302 Redirect" response are two completely different solutions to two different problems.

I'm not clear what the issue is, closing.

dkebler commented 6 years ago

yes nothing wrong with rewrite. this is not an issue but a feature request. Support a redirect too. Not a biggy. Obviously I have a solution.

75lb commented 6 years ago

what is the feature you're requesting? Some way of achieving your redirect solution above with a simple command-line flag or option? How should it work, something like the below?

$  ws --redirect-everything-to https://somewhere.else:9000

bennypowers commented 6 years ago

Hi there, Thanks for the awesome package! I'm using it to develop PWAs locally.

One of the Lighthouse criteria is that the site redirects requests from http to https. Of course, I can set up rewrite according to the wiki page's instructions, but that doesn't give me the 302 Redirect I need to pass this audit.

I'd very much like some feature like ws --server http2 --redirect-http-to-https which will take all requests and redirect them to https.

Thanks for considering.