mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-24 06:05:53 -05:00
Fix for #2675, added HTTPS redirect when x-forwarded-proto:http
This commit is contained in:
parent
6cde080ec9
commit
98e0801c8c
@ -33,10 +33,10 @@ module.exports.CreateRedirServer = function (parent, db, args, func) {
|
||||
// Perform an HTTP to HTTPS redirection
|
||||
function performRedirection(req, res) {
|
||||
var host = req.headers.host;
|
||||
if (typeof host == 'string') { host = host.split(":")[0]; }
|
||||
if (typeof host == 'string') { host = host.split(':')[0]; }
|
||||
if ((host == null) && (obj.certificates != null)) { host = obj.certificates.CommonName; if (obj.certificates.CommonName.indexOf('.') == -1) { host = req.headers.host; } }
|
||||
var httpsPort = ((obj.args.aliasport == null) ? obj.args.port : obj.args.aliasport); // Use HTTPS alias port is specified
|
||||
res.redirect("https://" + host + ":" + httpsPort + req.url);
|
||||
res.redirect('https://' + host + ':' + httpsPort + req.url);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -59,7 +59,7 @@ module.exports.CreateRedirServer = function (parent, db, args, func) {
|
||||
if (i >= 0) { rootcert = rootcert.substring(i + 29); }
|
||||
i = rootcert.indexOf('-----END CERTIFICATE-----');
|
||||
if (i >= 0) { rootcert = rootcert.substring(i, 0); }
|
||||
res.send(Buffer.from(rootcert, "base64"));
|
||||
res.send(Buffer.from(rootcert, 'base64'));
|
||||
} else {
|
||||
res.sendStatus(404);
|
||||
}
|
||||
|
10
webserver.js
10
webserver.js
@ -5294,6 +5294,16 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
// Useful for debugging reverse proxy issues
|
||||
parent.debug('httpheaders', req.method, req.url, req.headers);
|
||||
|
||||
// If this request came over HTTP, redirect to HTTPS
|
||||
if (req.headers['x-forwarded-proto'] == 'http') {
|
||||
var host = req.headers.host;
|
||||
if (typeof host == 'string') { host = host.split(':')[0]; }
|
||||
if ((host == null) && (obj.certificates != null)) { host = obj.certificates.CommonName; if (obj.certificates.CommonName.indexOf('.') == -1) { host = req.headers.host; } }
|
||||
var httpsPort = ((obj.args.aliasport == null) ? obj.args.port : obj.args.aliasport); // Use HTTPS alias port is specified
|
||||
res.redirect('https://' + host + ':' + httpsPort + req.url);
|
||||
return;
|
||||
}
|
||||
|
||||
// Perform traffic accounting
|
||||
if (req.headers.upgrade == 'websocket') {
|
||||
// We don't count traffic on WebSockets since it's counted by the handling modules.
|
||||
|
Loading…
Reference in New Issue
Block a user