caddyhttp: Redirect HTTP requests on the HTTPS port to https:// (#4313)

* caddyhttp: Redirect HTTP requests on the HTTPS port to https:// * Apply suggestions from code review Co-authored-by: Matt Holt <mholt@users.noreply.github.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
author: Francis Lavoie <lavofr@gmail.com> 2022-01-05 20:01:15 -0500
committer: GitHub <noreply@github.com> 2022-01-05 18:01:15 -0700
commit: 80d7a356b3443e0a994e5d6abfa6082ba3d5e6e7 (patch)
tree: a2f5f294c4d65a7e6b8245998522a6136bacf8d8 /modules/caddyhttp/app.go
parent: b4bfa29be2191ffacfa4ed747bd5cdce8da8917f (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/modules/caddyhttp/app.go b/modules/caddyhttp/app.go
index 64cc540..67f9d1d 100644
--- a/modules/caddyhttp/app.go
+++ b/modules/caddyhttp/app.go
@@ -343,6 +343,11 @@ func (app *App) Start() error {
 				// enable TLS if there is a policy and if this is not the HTTP port
 				useTLS := len(srv.TLSConnPolicies) > 0 && int(listenAddr.StartPort+portOffset) != app.httpPort()
 				if useTLS {
+					// create HTTP redirect wrapper, which detects if
+					// the request had HTTP bytes on the HTTPS port, and
+					// triggers a redirect if so.
+					ln = &httpRedirectListener{Listener: ln}
+
 					// create TLS listener
 					tlsCfg := srv.TLSConnPolicies.TLSConfig(app.ctx)
 					ln = tls.NewListener(ln, tlsCfg)
author	Francis Lavoie <lavofr@gmail.com>	2022-01-05 20:01:15 -0500
committer	GitHub <noreply@github.com>	2022-01-05 18:01:15 -0700
commit	80d7a356b3443e0a994e5d6abfa6082ba3d5e6e7 (patch)
tree	a2f5f294c4d65a7e6b8245998522a6136bacf8d8 /modules/caddyhttp/app.go
parent	b4bfa29be2191ffacfa4ed747bd5cdce8da8917f (diff)