Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add an option to allow redirect of http port 80 to https. #1928

Merged
merged 3 commits into from
Dec 25, 2017
Merged

Add an option to allow redirect of http port 80 to https. #1928

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
d318310
Add an option to allow redirect of http port 80 to https.
MCF Jun 10, 2017
929f1b0
Change redirector setting name, add a port to redirect setting
MCF Dec 19, 2017
7c71d19
Merge branch 'master' into redirect_port_80
bkcsoft Dec 25, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions cmd/web.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,26 @@ and it takes care of all the other things for you`,
},
}

func runHTTPRedirector() {
source := fmt.Sprintf("%s:%s", setting.HTTPAddr, setting.PortToRedirect)
dest := strings.TrimSuffix(setting.AppURL, "/")
log.Info("Redirecting: %s to %s", source, dest)

handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
target := dest + r.URL.Path
if len(r.URL.RawQuery) > 0 {
target += "?" + r.URL.RawQuery
}
http.Redirect(w, r, target, http.StatusTemporaryRedirect)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why Temporary and not Permanent? Then webbrowsers can go to https automagically afterwards even if they type http 🤔

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Temporary redirect also supports POST. I based the redirect logic on this gist: https://gist.github.com/d-schmidt/587ceec34ce1334a5e60

I don't have strong feelings about this either way. It felt more complete to support any type of request. Chrome seems to treat temporary in a similar manner as permanent. Presumably it is doing so with some kind of cache timeout, so you would go back to the http address after a period of time.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense to me. LGTM

})
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just take r.URL and change Schema to https 😕

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thx for the feedback. I had considered the http to https approach but had thought of a configuration with https not on port 443. Then it won't work. Perhaps that particular configuration is so unlikely we don't need to support it?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I for one use it (with a company of 6 people currently). We have multiple https services listening on different ports with IIS redirecting them from port 443 to the appropriate port based on the request's URL, so people don't have to remember the port numbers. We create an additional rule to redirect to https if the service does not have this option, but creating a redirection in IIS is a royal pain, so I would love to be able to do this in Gitea on any possible port.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@bkcsoft your requested change seems to conflict with with the change I just made for @lunny? Can you please re-visit and see what you now think? Also I have an open question above that I was hoping you would comment on.


var err = runHTTP(source, context2.ClearHandler(handler))

if err != nil {
log.Fatal(4, "Failed to start port redirection: %v", err)
}
}

func runWeb(ctx *cli.Context) error {
if ctx.IsSet("config") {
setting.CustomConf = ctx.String("config")
Expand Down Expand Up @@ -124,6 +144,9 @@ func runWeb(ctx *cli.Context) error {
case setting.HTTP:
err = runHTTP(listenAddr, context2.ClearHandler(m))
case setting.HTTPS:
if setting.RedirectOtherPort {
go runHTTPRedirector()
}
err = runHTTPS(listenAddr, setting.CertFile, setting.KeyFile, context2.ClearHandler(m))
case setting.FCGI:
listener, err := net.Listen("tcp", listenAddr)
Expand Down
6 changes: 6 additions & 0 deletions custom/conf/app.ini.sample
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,12 @@ ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
; Listen address. Either a IPv4/IPv6 address or the path to a unix socket.
HTTP_ADDR = 0.0.0.0
HTTP_PORT = 3000
; If REDIRECT_OTHER_PORT is true, and PROTOCOL is set to https an http server
; will be started on PORT_TO_REDIRECT and redirect request to the main
; ROOT_URL. Defaults are false for REDIRECT_OTHER_PORT and 80 for
; PORT_TO_REDIRECT.
REDIRECT_OTHER_PORT = false
PORT_TO_REDIRECT = 80
; Permission for unix socket
UNIX_SOCKET_PERMISSION = 666
; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
Expand Down
4 changes: 4 additions & 0 deletions modules/setting/setting.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,8 @@ var (
HTTPAddr string
HTTPPort string
LocalURL string
RedirectOtherPort bool
PortToRedirect string
OfflineMode bool
DisableRouterLog bool
CertFile string
Expand Down Expand Up @@ -741,6 +743,8 @@ func NewContext() {
defaultLocalURL += ":" + HTTPPort + "/"
}
LocalURL = sec.Key("LOCAL_ROOT_URL").MustString(defaultLocalURL)
RedirectOtherPort = sec.Key("REDIRECT_OTHER_PORT").MustBool(false)
PortToRedirect = sec.Key("PORT_TO_REDIRECT").MustString("80")
OfflineMode = sec.Key("OFFLINE_MODE").MustBool()
DisableRouterLog = sec.Key("DISABLE_ROUTER_LOG").MustBool()
StaticRootPath = sec.Key("STATIC_ROOT_PATH").MustString(AppWorkPath)
Expand Down