1 | ;
|
2 |
|
3 | module.exports = function enforceHTTPS() {
|
4 |
|
5 | return function(req, res, next) {
|
6 |
|
7 | var isHttps = req.secure;
|
8 |
|
9 | if(isHttps){
|
10 | next();
|
11 | } else {
|
12 | redirectUrl(req, res);
|
13 | }
|
14 | }
|
15 | };
|
16 |
|
17 | var redirectUrl = function (req, res) {
|
18 | if(req.method === "GET") {
|
19 | res.redirect(301, "https://" + req.headers.host + req.originalUrl);
|
20 | } else {
|
21 | res.send(403, "Please use HTTPS when submitting data to this server.");
|
22 | }
|
23 | }
|