fix in force-https redirect (#441)

This commit is contained in:
Andrea Spacca 2021-12-07 19:41:42 +01:00 committed by GitHub
parent 014b95ff07
commit d2a0e77814
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -630,7 +630,6 @@ func getURL(r *http.Request, proxyPort string) *url.URL {
u.Scheme = "http"
}
if u.Host == "" {
host, port, err := net.SplitHostPort(r.Host)
if err != nil {
host = r.Host
@ -639,6 +638,7 @@ func getURL(r *http.Request, proxyPort string) *url.URL {
if len(proxyPort) != 0 {
port = proxyPort
}
if len(port) == 0 {
u.Host = host
} else {
@ -650,7 +650,6 @@ func getURL(r *http.Request, proxyPort string) *url.URL {
u.Host = net.JoinHostPort(host, port)
}
}
}
return u
}
@ -1099,10 +1098,22 @@ func (s *Server) RedirectHandler(h http.Handler) http.HandlerFunc {
} else if strings.HasSuffix(ipAddrFromRemoteAddr(r.Host), ".onion") {
// .onion addresses cannot get a valid certificate, so don't redirect
} else if r.Header.Get("X-Forwarded-Proto") == "https" {
} else if r.URL.Scheme == "https" {
} else if r.TLS != nil {
} else {
u := getURL(r, s.proxyPort)
u.Scheme = "https"
if len(s.proxyPort) == 0 && len(s.TLSListenerString) > 0 {
_, port, err := net.SplitHostPort(s.TLSListenerString)
if err != nil || port == "443" {
port = ""
}
if len(port) > 0 {
u.Host = net.JoinHostPort(u.Hostname(), port)
} else {
u.Host = u.Hostname()
}
}
http.Redirect(w, r, u.String(), http.StatusPermanentRedirect)
return