express-http-to-https is a node.js package for providing an Express middleware that redirects the client to HTTPS if they attempt to connect over HTTP.
$ npm install --save express-http-to-https
app.use(redirectToHTTPS(ignoreHosts, ignoreRoutes));
- ignoreHosts: An array of strings of the hostnames on which to not enable the redirect. note: you must include the port here, for example
[/localhost:8080/]. - ignoreRoutes: An array of strings of the routes on which not to enable the redirect.
- redirectCode: The HTTP status code to return when redirecting. Defaults to 302 "found" can be any status code
var express = require('express');
var app = express();
var redirectToHTTPS = require('express-http-to-https').redirectToHTTPS
// Don't redirect if the hostname is `localhost:port` or the route is `/insecure`
app.use(redirectToHTTPS([/localhost:(\d{4})/], [/\/insecure/], 301));
app.get('/', function (req, res) {
res.send('Hello World!');
});
app.get('/insecure', function (req, res) {
res.send('Dangerous!');
});
app.listen(3000, function () {
console.log('Example app listening on port 3000!');
});
app.listen(8080, function () {
console.log('Example app listening on port 8080 insecurely!');
});
MIT License
Max Walker (max@maxwalker.me)
Aleksander Szmigiel