Thank you for this explanation.
If all I wanted was to for all traffic to be https via redirection is that a bad idea? If not is that a bad idea on localhost for dev?
Thank you for this explanation.
If all I wanted was to for all traffic to be https via redirection is that a bad idea? If not is that a bad idea on localhost for dev?
Just using 30x redirects without HSTS is usually not a problem, though you still need certificates.
Not worried about the cert, got that working.
I guess I just have to manage the redirection by hand somewhere in the router? If so why does
force_ssl: [rewrite_on: [:x_forwarded_proto]]
not work for localhost? what am I missing. I’m was hoping it was as simple as a flag force_ssl
type thing.
Have you plug Plug.SSL
in your pipeline?
I didnt see it when looking at my router so I added it and nothing changed still rendering requests to http with 200.
https://github.com/PolymorphicProductions/morphic.pro/tree/feature/force_https/17 is what I’m working on.
Well, reading the docs, there is this option:
:exclude
- exclude the given hosts from redirecting to thehttps
scheme. Defaults to["localhost"]
Have you tried an empty list?
But make sure to set hsts: false
also, just to be sure
http: [port: 4000],
https: [
port: 4001,
cipher_suite: :strong,
certfile: "priv/cert/localhost.crt",
keyfile: "priv/cert/localhost.key"
],
url: [host: "localhost", port: 4001],
debug_errors: true,
code_reloader: true,
check_origin: false,
watchers: [
node: [
"node_modules/webpack/bin/webpack.js",
"--mode",
"development",
"--watch-stdin",
cd: Path.expand("../assets", __DIR__)
]
],
force_ssl: [hsts: false, rewrite_on: [:x_forwarded_proto], exclude: []]
Is redirecting but is not redirecting to the configured port, only redirecting to https
in short:
http://localhost:4000
becomes https://localhost
not https://localhost:4001
which is a good step in the right direction
whoot! finally!. Ok so it looks like I have to use the host option too.
force_ssl: [hsts: false, rewrite_on: [:x_forwarded_proto], exclude: [], host: "localhost:4001"]
This was very helpful!
In my case, the rewrite_on: [:x_forwarded_proto]
option didn’t seem to be necessary.