堆栈内存溢出
  简体   繁体   English

如何检测 Azure 网站上的 HTTPS 重定向?

[英]How to detect HTTPS redirection on Azure Websites?

 原文  2013-02-26 08:29:50       node.js/ azure

问题描述

As per the title, I have a Node.js application and I want to be able to detect whether a request is being made over HTTPS or HTTP.根据标题,我有一个 Node.js 应用程序,我希望能够检测请求是通过 HTTPS 还是 HTTP 发出的。 So far my redirection looks like this:到目前为止,我的重定向如下所示:

// Ensure the page is secure, or that we are running a development build
if (req.headers['x-forwarded-proto'] === 'https' || process.env.NODE_ENV === 'development') {
    res.render('index');
} else {
    winston.info('Request for login page made over HTTP, redirecting to HTTPS');
    res.redirect('https://' + req.host);
}

Which works fine on Nodejitsu, but a redirected HTTPS request doesn't have the 'x-forwarded-proto' header set on Azure.这在 Nodejitsu 上运行良好,但重定向的 HTTPS 请求没有在 Azure 上设置“x-forwarded-proto”标头。

3 个解决方案

解决方案1
 6 已采纳  2013-02-28 15:27:43

I think I was correct in my comment:我认为我的评论是正确的:

X-ARR-SSL seems to be the header to check for. X-ARR-SSL似乎是要检查的标头。

// Ensure the page is secure, or that we are running a development build
if (req.headers['x-forwarded-proto'] === 'https' || req.headers['x-arr-ssl'] || process.env.NODE_ENV === 'development') {
    res.render('index');
} else {
    winston.info('Request for login page made over HTTP, redirecting to HTTPS');
    res.redirect('https://' + req.host);
}

解决方案2
 4  2013-08-27 00:52:22

Ran into the exact same issue, but solved it in a different way.遇到了完全相同的问题,但以不同的方式解决了它。 If you're using Express and enable trust proxy then req.protocol will pick up the x-forwarded-proto header.如果您使用 Express 并启用信任代理,则 req.protocol 将获取 x-forwarded-proto 标头。 Azure doesn't set the x-forwarded-proto header, but you can use the x-arr-ssl header to hack it in manually so that req.protocol will return the correct value in the rest of your app. Azure 不设置 x-forwarded-proto 标头,但您可以使用 x-arr-ssl 标头手动破解它,以便 req.protocol 将在应用程序的其余部分返回正确的值。

Here's a gist: https://gist.github.com/freshlogic/6348417这是一个要点: https : //gist.github.com/freshlogic/6348417

var express = require('express');

var app = express();
app.enable('trust proxy');

// HACK: Azure doesn't support X-Forwarded-Proto so we add it manually
app.use(function(req, res, next) {
    if(req.headers['x-arr-ssl'] && !req.headers['x-forwarded-proto']) {
        req.headers['x-forwarded-proto'] = 'https';
    }

    return next();
});

解决方案3
 0  2021-07-24 14:23:19

UPDATE-2021: This is a very old answer. UPDATE-2021:这是一个非常古老的答案。 For a long time there is an option on all app service plans that support Custom domains.长期以来,所有支持自定义域的应用服务计划都有一个选项。 Go to the Custom domains blade in the azure portal for the App Service and set the HTTPS only checkbox.转到应用服务的 azure 门户中的自定义域边栏选项卡,并设置仅 HTTPS 复选框。 This will redirect even before traffic hits the app service.这甚至会在流量到达应用服务之前重定向。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在Azure网站上访问Node.js https应用 - access nodejs https app on Azure websites 你如何强制在Azure网站上的node.js上表达使用https? - How do you force express on node.js in Azure Websites to use https? Azure网站是否通过node.js支持https? - Do Azure websites support https with node.js? 如何跨不同网站检测用户? - How to detect user across different websites? 如何将NodeJS项目部署到Azure网站? - How to deploy NodeJS project to Azure websites? 蔚蓝网站上的iisnode和cors - iisnode and cors on azure websites Azure网站和Sass - Azure Websites and Sass 如何从 Azure 函数进行 https 调用? - How to make https call from Azure function? 某些网站如何避免响应从 node.js 内部发出的 https 请求? - How do some websites avoid responding to https requests made from inside node.js? 如何通过Azure网站上的Node.js应用程序将大文件的上传流通过管道传输到Azure Blob存储? - How to pipe upload stream of large files to Azure Blob storage via Node.js app on Azure Websites?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM