diff options
author | Francis Lavoie <lavofr@gmail.com> | 2022-01-05 20:01:15 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-01-05 18:01:15 -0700 |
commit | 80d7a356b3443e0a994e5d6abfa6082ba3d5e6e7 (patch) | |
tree | a2f5f294c4d65a7e6b8245998522a6136bacf8d8 /modules/caddyhttp/app.go | |
parent | b4bfa29be2191ffacfa4ed747bd5cdce8da8917f (diff) |
caddyhttp: Redirect HTTP requests on the HTTPS port to https:// (#4313)
* caddyhttp: Redirect HTTP requests on the HTTPS port to https://
* Apply suggestions from code review
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
Diffstat (limited to 'modules/caddyhttp/app.go')
-rw-r--r-- | modules/caddyhttp/app.go | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/modules/caddyhttp/app.go b/modules/caddyhttp/app.go index 64cc540..67f9d1d 100644 --- a/modules/caddyhttp/app.go +++ b/modules/caddyhttp/app.go @@ -343,6 +343,11 @@ func (app *App) Start() error { // enable TLS if there is a policy and if this is not the HTTP port useTLS := len(srv.TLSConnPolicies) > 0 && int(listenAddr.StartPort+portOffset) != app.httpPort() if useTLS { + // create HTTP redirect wrapper, which detects if + // the request had HTTP bytes on the HTTPS port, and + // triggers a redirect if so. + ln = &httpRedirectListener{Listener: ln} + // create TLS listener tlsCfg := srv.TLSConnPolicies.TLSConfig(app.ctx) ln = tls.NewListener(ln, tlsCfg) |