This PR makes it easy to configuration a HTTP -> HTTPS redirect by setting the FORCE_HTTPS environment variable to true. Because this should be encouraged for most Ember applications that use some form of authentication to a backend API, I think it deserves to make it into the project directly. Any production deployment sending passwords or auth tokens should not ship without this.
Implementing it locally can also be a slight head-scratcher because you typically do the redirect this way when you have access to the port and server_name:
server {
listen 80;
server_name example.com www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl;
...
}
tonycoco
commented
10 years ago
I know that this was discussed in https://github.com/tonycoco/heroku-buildpack-ember-cli/issues/10, but I wanted to bring it up again for discussion.
This PR makes it easy to configuration a HTTP -> HTTPS redirect by setting the
FORCE_HTTPSenvironment variable to true. Because this should be encouraged for most Ember applications that use some form of authentication to a backend API, I think it deserves to make it into the project directly. Any production deployment sending passwords or auth tokens should not ship without this.Implementing it locally can also be a slight head-scratcher because you typically do the redirect this way when you have access to the
portandserver_name:Thanks for taking a look!