App Engine 柔性版上的 HTTP 到 HTTPS 重定向
我遵循了这个答案:从 http 重定向到https 在谷歌云中,但目前似乎不再准确.引用的锚点 ( https://cloud.google.com/appengine/docs/flexible/nodejs/configuring-your-app-with-app-yaml#security ) 似乎已被删除,但没有替换说明.
I've followed the answer of this: Redirect from http to https in google cloud but it does not seem to be currently accurate any more. The anchor referenced ( https://cloud.google.com/appengine/docs/flexible/nodejs/configuring-your-app-with-app-yaml#security ) seems to have been removed but without a note of a replacement.
作为参考,我通过 Google App (flex) 引擎提供 NodeJS.根据我在 app.yaml 中得到的答案:
For reference, I am serving NodeJS over a Google App (flex) Engine. As per the answer I've got in my app.yaml:
handlers:
- url: /.*
script: IGNORED
secure: always
由于 HTTPS 在到达我的 Express 引擎之前显然已终止(并且在那里重定向将毫无用处);目前如何正确实施?
Since HTTPS is obviously terminated before it hits my Express engine (and redirection on there would be useless); how is it currently correctly implemented?
可能有用,我通过控制台中的自定义域"选项卡附加了一个外部域,并且确实配置了 SSL 证书(因此,如果用户手动访问 https://.com,一切正常)
Potentially helpful, I have an external domain attached via the "Custom domains" tab in the console, and there is indeed a SSL certificate configured (so if a user manually goes to https://.com everything is fine)
柔性环境当前不支持 app.yaml 中的处理程序.如果你想要 https://重定向,你有几个选择:
The flexible environment does not current support handlers in the app.yaml. If you want https:// redirection, you have a few options:
- Use helmet to do to HSTS stuff for you, and implement your own initial redirect.
- I wrote a happy little library to always forces SSL on all routes for express yes-https
我们正在考虑默认将所有流量自动重定向到 SSL.您认为这对您的应用来说是一件好事吗?
We are considering auto-redirecting all traffic to SSL by default. Do you think that would be a good thing for your apps?