Force all incoming HTTP connections to be redirected to secure (HTTPS) version of your express app
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
test
.gitignore
.travis.yml
LICENSE
README.md
index.js
package.json

README.md

Build Status

node-force-secure-redirect

Force all incoming HTTP connections to be redirected to secure (HTTPS) version of your express app.

Works for node apps directly behind an Amazon ELB (Elastic Load Balancer).

Install

npm install node-force-secure-redirect --save

Usage

var forceHTTPS = require('node-force-secure-redirect');  
...  
...
...
app.set('trust proxy'); // this is important when your app is behind an ELB
app.use(forceHTTPS('environment'));  

where the environment parameter (string or array of strings) are the environment for which you want to enforce SSL on. If no environment string is passed in, HTTPS will not be enforced on any environment.

Tests

NODE_ENV=testing npm test

License

Licensed under GPL v3

Credits

Made with love in Dhaka, Bangladesh by Riyadh Al Nur