#13 update some of the examples

2024-11-16 17:28:59 +00:00 · 2018-08-18 04:08:50 -06:00 · 2018-08-18 04:08:50 -06:00 · 0c23c522a3
commit 0c23c522a3
parent b4d72bbd13
2 changed files with 5 additions and 29 deletions
--- a/examples/http2.js
+++ b/examples/http2.js
@ -57,6 +57,9 @@ var server = require('http2').createSecureServer(greenlock.tlsOptions);
 server.on('error', function (err) {
  console.error(err);
 });
+// WARNING: Because the middleware don't handle this API style,
+// the Host headers are unmodified and potentially dangerous
+// (ex: Host: Robert'); DROP TABLE Students;)
 server.on('stream', function (stream, headers) {
  console.log(headers);
  stream.respond({
--- a/examples/websockets.js
+++ b/examples/websockets.js
@ -15,6 +15,7 @@ var greenlock = Greenlock.create({
  server: 'https://acme-v02.api.letsencrypt.org/directory'
 , version: 'draft-11'
 , configDir: '~/.config/acme/'
+, app: require('./my-express-app.js')

  // You MUST change these to a valid email and domains
 , email: 'john.doe@example.com'
@ -27,31 +28,7 @@ var greenlock = Greenlock.create({
 //, debug: true
 });

-
-////////////////////////
-// http-01 Challenges //
-////////////////////////
-
-// http-01 challenge happens over plain http/1.1, not secure http
-var redirectHttps = require('redirect-https')();
-var acmeChallengeHandler = greenlock.middleware(redirectHttps);
-require('http').createServer(acmeChallengeHandler).listen(80, function () {
-  console.log("Listening for ACME http-01 challenges on", this.address());
-});
-
-
-////////////////////////
-// secure http        //
-////////////////////////
-
-var myApp = require('./my-express-app.js');
-// Use spdy for "h2" (http2) as to not be penalized by Google
-var server = require('spdy').createSecureServer(greenlock.tlsOptions, myApp);
-
-
-////////////////////////
-// secure websockets  //
-////////////////////////
+var server = greenlock.listen(80, 443);

 var WebSocket = require('ws');
 var ws = new WebSocket.Server({ server: server });
@ -61,7 +38,3 @@ ws.on('connection', function (ws, req) {
    + "Cookie: '" + (req.headers.cookie || 'none') + "'\n");
  ws.on('message', function (data) { ws.send(data); });
 });
-
-server.listen(443, function () {
-  console.log("Listening for secure http and websocket requests on", this.address());
-});