Skip to content

Commit

Permalink
Added a new option for redirecting to https
Browse files Browse the repository at this point in the history
  • Loading branch information
@joeuhren
joeuhren committed May 23, 2023
1 parent 74e9b43 commit cb6c95c
Show file tree
Hide file tree
Showing 3 changed files with 27 additions and 0 deletions.
19 changes: 19 additions & 0 deletions app.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,26 @@ Object.keys(settings.blockchain_specific).forEach(function(key, index, map) {
});
}
});

// whitelist the cmds in the nodeapi access list
nodeapi.setAccess('only', apiAccessList);

// determine if http traffic should be forwarded to https
if (settings.webserver.tls.enabled == true && settings.webserver.tls.always_redirect == true) {
app.use(function(req, res, next) {
if (req.secure) {
// continue without redirecting
next();
} else {
// add webserver port to the host value if it does not already exist
const host = req.headers.host + (req.headers.host.indexOf(':') > -1 ? '' : ':' + settings.webserver.port.toString());

// redirect to the correct https page
res.redirect(301, 'https://' + host.replace(':' + settings.webserver.port.toString(), (settings.webserver.tls.port != 443 ? ':' + settings.webserver.tls.port.toString() : '')) + req.url);
}
});
}

// determine if cors should be enabled
if (settings.webserver.cors.enabled == true) {
app.use(function(req, res, next) {
Expand All @@ -44,6 +62,7 @@ if (settings.webserver.cors.enabled == true) {
next();
});
}

// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'pug');
Expand Down
4 changes: 4 additions & 0 deletions lib/settings.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,10 @@ exports.webserver = {
// port: Port # to configure the express webserver to listen for https requests on
// NOTE: Be sure to configure firewalls to allow traffic through this port or the explorer website may not be accessible remotely
"port": 443,
// always_redirect: Force all explorer traffic to use https
// If set to true, all http web requests will automatically be forwarded to https
// If set to false, the webserver will allow both http and https traffic
"always_redirect": false,
// cert_file: The absolute or relative path to the tls certificate file. Typically this file will be generated from certbot (read more: https://certbot.eff.org)
"cert_file": "/etc/letsencrypt/live/domain-name-here/cert.pem",
// chain_file: The absolute or relative path to the tls chain file. Typically this file will be generated from certbot (read more: https://certbot.eff.org)
Expand Down
4 changes: 4 additions & 0 deletions settings.json.template
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,10 @@
// port: Port # to configure the express webserver to listen for https requests on
// NOTE: Be sure to configure firewalls to allow traffic through this port or the explorer website may not be accessible remotely
"port": 443,
// always_redirect: Force all explorer traffic to use https
// If set to true, all http web requests will automatically be forwarded to https
// If set to false, the webserver will allow both http and https traffic
"always_redirect": true,
// cert_file: The absolute or relative path to the tls certificate file. Typically this file will be generated from certbot (read more: https://certbot.eff.org)
"cert_file": "/etc/letsencrypt/live/domain-name-here/cert.pem",
// chain_file: The absolute or relative path to the tls chain file. Typically this file will be generated from certbot (read more: https://certbot.eff.org)
Expand Down

0 comments on commit cb6c95c

Please sign in to comment.