diff options
author | Matthew Holt <mholt@users.noreply.github.com> | 2020-01-09 14:39:49 -0700 |
---|---|---|
committer | Matthew Holt <mholt@users.noreply.github.com> | 2020-01-09 14:39:49 -0700 |
commit | 994b9033e96da270dca48ab01377431028c06b52 (patch) | |
tree | 306846daf4a9b2272fa8b032d0509613f80466ba | |
parent | 590480513a548cf24df2fb85de4a3a073f45acac (diff) |
http: Don't use a Host matcher for HTTP->HTTPS redirects
In case on-demand TLS is enabled, in that case we don't know the only
names that have automatic HTTPS.
See https://caddy.community/t/v2-http-to-https-redirects-fail-for-on-demand-ssl-certs/6742?u=matt
-rw-r--r-- | modules/caddyhttp/caddyhttp.go | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/modules/caddyhttp/caddyhttp.go b/modules/caddyhttp/caddyhttp.go index 0aa1d6c..8ff2fb6 100644 --- a/modules/caddyhttp/caddyhttp.go +++ b/modules/caddyhttp/caddyhttp.go @@ -486,12 +486,7 @@ func (app *App) automaticHTTPS() error { // create the route that does the redirect and associate // it with the listener address it will be served from lnAddrRedirRoutes[httpRedirLnAddr] = Route{ - MatcherSets: []MatcherSet{ - { - MatchProtocol("http"), - MatchHost(domains), - }, - }, + MatcherSets: []MatcherSet{{MatchProtocol("http")}}, Handlers: []MiddlewareHandler{ StaticResponse{ StatusCode: WeakString(strconv.Itoa(http.StatusPermanentRedirect)), |