From 411bb51cc630d44c9d65b8a363fba52178cd081b Mon Sep 17 00:00:00 2001 From: "Ken \"Elf\" Mathieu Sternberg" Date: Tue, 29 Nov 2011 10:10:16 -0800 Subject: [PATCH] Fix issue where front-end is HTTPS, back-end is HTTP, and server issues a redirect. This handles the case where a back-end web application such as Django or Rails issues a redirect and automatically decorates the URL with the protocol with which it was addressed. If the back-ends are internal and HTTP-only, then they'll issue a URL with 'http://' as the protocol. This must be fixed before leaving the proxy. This also handles the (unusual) case where a back-end speaks only https://, but the user is deploying node-http-proxy to make that service available to non-SSL capable browsers. Works only with 301 and 302 codes. --- lib/node-http-proxy/http-proxy.js | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/lib/node-http-proxy/http-proxy.js b/lib/node-http-proxy/http-proxy.js index 7724ddb..1c7842c 100644 --- a/lib/node-http-proxy/http-proxy.js +++ b/lib/node-http-proxy/http-proxy.js @@ -213,6 +213,15 @@ HttpProxy.prototype.proxyRequest = function (req, res, buffer) { delete response.headers['transfer-encoding']; } + if ((response.statusCode === 301) || (response.statusCode === 302)) { + if (self.source.https && !self.target.https) { + response.headers.location = response.headers.location.replace(/^http\:/, 'https:'); + } + if (self.target.https && !self.source.https) { + response.headers.location = response.headers.location.replace(/^https\:/, 'http:'); + } + } + // Set the headers of the client response res.writeHead(response.statusCode, response.headers);