我可以配置expressjs通过http和其他人通过https提供某些页面吗?
[英]Can I configure expressjs to serve some pages over http and others over https?
问题描述
Based on the response to this question: 
根据对此问题的回答:
How do I configure nodejs/expressjs to serve pages over https? 如何配置nodejs / expressjs以通过https提供页面?
I've been trying to set up the equivalent of: 我一直试图建立相当于:
var express = require('express');
var fs = require("fs");
var crypto = require('crypto');
var app = express.createServer();
var appSecure = express.createServer();
var privateKey = fs.readFileSync('privatekey.pem').toString();
var certificate = fs.readFileSync('certificate.pem').toString();
var credentials = crypto.createCredentials({key: privateKey, cert: certificate});
appSecure.setSecure(credentials);
app.get('/secretStuff', function(req,res) {
//redirect to https
}
appSecure.get('/secretStuff', function(req, res) {
//show you the secret stuff
}
Is this something that's doable with the current release of expressjs and node 2.4? 这是当前发布的expressjs和2.4节点可以实现的吗?
2 个解决方案
解决方案1
3 已采纳 2011-07-16 20:43:29
Yes, this can be done and it looks like you already have most of what you need. 是的,这可以完成,看起来你已经拥有了你需要的大部分内容。 Just send the redirect in your app.get handler 只需在app.get处理程序中发送重定向即可
app.get('/secretStuff', function(req,res) {
res.redirect('https://' + req.header('Host') + req.url);
}
Also make sure you do something like app.listen(80) and appSecure.listen(443) to actually start the servers on the appropriate port. 还要确保你执行app.listen(80)和appSecure.listen(443)来实际启动相应端口上的服务器。 Otherwise be sure to construct the HTTPS URL with the correct port. 否则,请确保使用正确的端口构造HTTPS URL。 For production, this thing is typically handled outside of your app server (node.js) with a reverse proxy like nginx . 对于生产,这个东西通常在你的app服务器(node.js)之外使用像nginx这样的反向代理处理。 It is trivial to do this in nginx which will let your node.js process run as non-root and remove the need to have clients directly connecting to node.js, which is not as battle-hardened as nginx for serving live internect TCP connections (I'm paraphrasing Ryan Dahl himself here). 在nginx中执行此操作是微不足道的,这将使您的node.js进程以非root用户身份运行,并且无需客户端直接连接到node.js,这不像nginx那样用于提供实时内部TCP连接。 (我在这里解释Ryan Dahl)。
解决方案2
0 2011-03-02 20:46:05
You can only serve a web page over the connection that the request came in. If the request did not come in over https, you can't send the response that way. 您只能通过请求所在的连接提供网页。如果请求未通过https进入,则无法以此方式发送响应。
So, first you have to be listening for both http and https requests. 因此,首先您必须同时监听http和https请求。 If a request comes in over http that you want to answer over a secure connection, do not do any processing but immediately redirect it to an https url. 如果您希望通过安全连接通过http进入请求,请不要进行任何处理,而是立即将其重定向到https网址。 Then when the client reissues the request, process as normally. 然后,当客户端重新发出请求时,正常处理。
If the framework uses JSGI then you can probably use the redirect module from Jack otherwise you will have to do it yourself. 如果框架使用JSGI,那么你可以使用Jack的重定向模块,否则你必须自己动手。 The details are at the link, ie response code 301 and Location: header with the https URL. 详细信息位于链接,即响应代码301和位置:标头以及https URL。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.