@reldens/server-utils 0.30.0 → 0.32.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/lib/app-server-factory/protocol-enforcer.js +4 -2
  2. package/lib/app-server-factory.js +18 -35
  3. package/package.json +1 -1
package/lib/app-server-factory/protocol-enforcer.js CHANGED
@@ -20,14 +20,16 @@ class ProtocolEnforcer
20
20
  this.useHttps = config.useHttps || false;
21
21
  this.enforceProtocol = config.enforceProtocol !== false;
22
22
  app.use((req, res, next) => {
23
- let protocol = (req.get('X-Forwarded-Proto') || req.protocol || '').toLowerCase();
23
+ let forwardedProto = req.get('X-Forwarded-Proto');
24
+ let protocol = (forwardedProto || req.protocol || '').toLowerCase();
24
25
  let host = (req.get('host') || '').toLowerCase().trim();
26
+ let isBehindProxy = !!forwardedProto;
25
27
  if(this.isDevelopmentMode){
26
28
  res.removeHeader('Origin-Agent-Cluster');
27
29
  res.removeHeader('Strict-Transport-Security');
28
30
  res.removeHeader('upgrade-insecure-requests');
29
31
  res.set('Origin-Agent-Cluster', '?0');
30
- if(this.enforceProtocol && host){
32
+ if(this.enforceProtocol && host && !isBehindProxy){
31
33
  if(!this.useHttps && 'https' === protocol){
32
34
  return res.redirect(301, 'http://'+host+req.url);
33
35
  }
package/lib/app-server-factory.js CHANGED
@@ -16,6 +16,7 @@ const express = require('express');
16
16
  const bodyParser = require('body-parser');
17
17
  const session = require('express-session');
18
18
  const compression = require('compression');
19
+ const tls = require('tls');
19
20
 
20
21
  class AppServerFactory
21
22
  {
@@ -97,30 +98,12 @@ class AppServerFactory
97
98
  };
98
99
  }
99
100
 
100
- parseUrl(url)
101
- {
102
- if(!url || 'string' !== typeof url){
103
- return false;
104
- }
105
- let cleanUrl = url.trim();
106
- if(!cleanUrl.startsWith('http://') && !cleanUrl.startsWith('https://')){
107
- return false;
108
- }
109
- let isHttps = cleanUrl.startsWith('https://');
110
- let domain = cleanUrl.replace(/^https?:\/\//, '').split(':')[0];
111
- return {
112
- isHttps,
113
- domain,
114
- protocol: isHttps ? 'https' : 'http'
115
- };
116
- }
117
-
118
101
  createAppServer(appServerConfig)
119
102
  {
120
103
  if(appServerConfig){
121
104
  Object.assign(this, appServerConfig);
122
105
  }
123
- this.processEnvironmentUrls();
106
+ this.addHttpDomainsAsDevelopment();
124
107
  this.detectDevelopmentMode();
125
108
  this.setupDevelopmentConfiguration();
126
109
  this.setupProtocolEnforcement();
@@ -142,23 +125,23 @@ class AppServerFactory
142
125
  return {app: this.app, appServer: this.appServer};
143
126
  }
144
127
 
145
- processEnvironmentUrls()
128
+ extractDomainFromHttpUrl(url)
146
129
  {
147
- let publicUrlInfo = this.parseUrl(process.env.RELDENS_PUBLIC_URL);
148
- let hostUrlInfo = this.parseUrl(process.env.RELDENS_APP_HOST);
149
- if(publicUrlInfo){
150
- this.useHttps = publicUrlInfo.isHttps;
151
- if(!this.developmentDomains.includes(publicUrlInfo.domain)){
152
- this.developmentDomains.push(publicUrlInfo.domain);
153
- }
130
+ if(!url || !url.startsWith('http://')){
131
+ return false;
154
132
  }
155
- if(hostUrlInfo){
156
- if(!publicUrlInfo){
157
- this.useHttps = hostUrlInfo.isHttps;
158
- }
159
- if(!this.developmentDomains.includes(hostUrlInfo.domain)){
160
- this.developmentDomains.push(hostUrlInfo.domain);
161
- }
133
+ return url.replace(/^http:\/\//, '').split(':')[0];
134
+ }
135
+
136
+ addHttpDomainsAsDevelopment()
137
+ {
138
+ let hostDomain = this.extractDomainFromHttpUrl(process.env.RELDENS_APP_HOST);
139
+ let publicDomain = this.extractDomainFromHttpUrl(process.env.RELDENS_PUBLIC_URL);
140
+ if(hostDomain && !this.developmentDomains.includes(hostDomain)){
141
+ this.developmentDomains.push(hostDomain);
142
+ }
143
+ if(publicDomain && !this.developmentDomains.includes(publicDomain)){
144
+ this.developmentDomains.push(publicDomain);
162
145
  }
163
146
  }
164
147
 
@@ -405,7 +388,7 @@ class AppServerFactory
405
388
  this.error = {message: 'Could not read domain SSL certificate: '+domain.certPath};
406
389
  return callback(null, null);
407
390
  }
408
- let ctx = require('tls').createSecureContext({key, cert});
391
+ let ctx = tls.createSecureContext({key, cert});
409
392
  callback(null, ctx);
410
393
  };
411
394
  return https.createServer(httpsOptions, this.app);
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@reldens/server-utils",
3
3
  "scope": "@reldens",
4
- "version": "0.30.0",
4
+ "version": "0.32.0",
5
5
  "description": "Reldens - Server Utils",
6
6
  "author": "Damian A. Pastorini",
7
7
  "license": "MIT",