Set the redirect handler for lets encrypt.

This commit sets the http handler to the redirect function for let's encrypt enabled drone instances. In addition, the `Strict-Transport-Security` header is added to the redirect given `header.Secure` will only be added for gin routes. This commit resolves #2261.
2024-06-09 17:09:46 +00:00 · 2017-11-15 23:27:57 -05:00 · 2017-11-15 23:27:57 -05:00 · 8476c90bbf
parent 238e916fa0
commit 8476c90bbf
1 changed files with 4 additions and 1 deletions
--- a/cmd/drone-server/server.go
+++ b/cmd/drone-server/server.go
@ -565,7 +565,7 @@ func server(c *cli.Context) error {
 	// start the server with lets encrypt enabled
 	// listen on ports 443 and 80
 	g.Go(func() error {
-		return http.ListenAndServe(":http", handler)
+		return http.ListenAndServe(":http", http.HandlerFunc(redirect))
 	})

 	g.Go(func() error {
@ -681,6 +681,9 @@ func redirect(w http.ResponseWriter, req *http.Request) {
 	serverHost = strings.TrimPrefix(serverHost, "https://")
 	req.URL.Scheme = "https"
 	req.URL.Host = serverHost
+
+	w.Header().Set("Strict-Transport-Security", "max-age=31536000")
+
 	http.Redirect(w, req, req.URL.String(), http.StatusMovedPermanently)
 }