summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthew Holt <mholt@users.noreply.github.com>2020-01-09 14:39:49 -0700
committerMatthew Holt <mholt@users.noreply.github.com>2020-01-09 14:39:49 -0700
commit994b9033e96da270dca48ab01377431028c06b52 (patch)
tree306846daf4a9b2272fa8b032d0509613f80466ba
parent590480513a548cf24df2fb85de4a3a073f45acac (diff)
http: Don't use a Host matcher for HTTP->HTTPS redirects
In case on-demand TLS is enabled, in that case we don't know the only names that have automatic HTTPS. See https://caddy.community/t/v2-http-to-https-redirects-fail-for-on-demand-ssl-certs/6742?u=matt
-rw-r--r--modules/caddyhttp/caddyhttp.go7
1 files changed, 1 insertions, 6 deletions
diff --git a/modules/caddyhttp/caddyhttp.go b/modules/caddyhttp/caddyhttp.go
index 0aa1d6c..8ff2fb6 100644
--- a/modules/caddyhttp/caddyhttp.go
+++ b/modules/caddyhttp/caddyhttp.go
@@ -486,12 +486,7 @@ func (app *App) automaticHTTPS() error {
// create the route that does the redirect and associate
// it with the listener address it will be served from
lnAddrRedirRoutes[httpRedirLnAddr] = Route{
- MatcherSets: []MatcherSet{
- {
- MatchProtocol("http"),
- MatchHost(domains),
- },
- },
+ MatcherSets: []MatcherSet{{MatchProtocol("http")}},
Handlers: []MiddlewareHandler{
StaticResponse{
StatusCode: WeakString(strconv.Itoa(http.StatusPermanentRedirect)),