Skip to content

jclem/express-ssl

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
.jshintrc
.jshintrc
 
 
README.md
README.md
 
 
index.js
index.js
 
 
package.json
package.json
 
 

Repository files navigation

express-ssl

express-ssl enforces SSL for Express apps.

Use

Simply require and use the function exported by this module:

var ssl = require('express-ssl');
var app = require('express')();
app.use(ssl());

The function requires an optional object of options:

  • disabled: (default false) If true, this middleware will allow all requests through.
  • trustProxy: (default false) If true, trust the x-forwarded-proto header. If it is "https", requests are allowed through.
  • disallow: A function called with the request and response so that the user can handle rejecting non-SSL requests themselves.

By default, this middleware will only run when process.env.NODE_ENV is set to "production". Unless a disallow function is supplied it will respond with the status code 403 and the body "Please use HTTPS when communicating with this server."

Thanks, Heroku

While I created and maintain this project, it was done while I was an employee of Heroku on the Human Interfaces Team, and they were kind enough to allow me to open source the work. Heroku is awesome.

About

Enforce SSL for Express apps

npmjs.org/package/express-ssl

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

5 tags

Packages

No packages published

Languages