| 
									
										
										
										
											2015-07-07 17:19:44 -06:00
										 |  |  | 'use strict'; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | module.exports = function (opts) { | 
					
						
							|  |  |  |   var escapeHtml = require('escape-html'); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   if (!opts) { | 
					
						
							|  |  |  |     opts = {}; | 
					
						
							|  |  |  |   } | 
					
						
							| 
									
										
										
										
											2018-10-02 17:49:24 -06:00
										 |  |  |   if (!isFinite(opts.port)) { | 
					
						
							| 
									
										
										
										
											2015-07-07 17:19:44 -06:00
										 |  |  |     opts.port = 443; | 
					
						
							|  |  |  |   } | 
					
						
							| 
									
										
										
										
											2018-10-02 17:49:24 -06:00
										 |  |  |   if (!opts.browsers) { | 
					
						
							|  |  |  |     opts.browsers = 301; | 
					
						
							|  |  |  |   } | 
					
						
							|  |  |  |   if (!opts.apis) { | 
					
						
							|  |  |  |     opts.apis = 'meta'; | 
					
						
							|  |  |  |   } | 
					
						
							| 
									
										
										
										
											2015-07-07 17:19:44 -06:00
										 |  |  |   if (!('body' in opts)) { | 
					
						
							| 
									
										
										
										
											2018-08-16 20:50:50 -06:00
										 |  |  |     opts.body = "<!-- Hello Developer Person! We don't serve insecure resources around here." | 
					
						
							| 
									
										
										
										
											2015-07-07 17:19:44 -06:00
										 |  |  |       + "\n    Please use HTTPS instead. -->"; | 
					
						
							|  |  |  |   } | 
					
						
							| 
									
										
										
										
											2018-02-27 15:42:26 -07:00
										 |  |  |   opts.body = opts.body.replace(/{{\s+PORT\s+}}/ig, opts.port); | 
					
						
							| 
									
										
										
										
											2015-07-07 17:19:44 -06:00
										 |  |  | 
 | 
					
						
							|  |  |  |   return function (req, res, next) { | 
					
						
							|  |  |  |     if (req.connection.encrypted | 
					
						
							|  |  |  |       || 'https' === req.protocol | 
					
						
							|  |  |  |       || (opts.trustProxy && 'https' === req.headers['x-forwarded-proto']) | 
					
						
							|  |  |  |     ) { | 
					
						
							|  |  |  |       next(); | 
					
						
							|  |  |  |       return; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-02-27 15:42:26 -07:00
										 |  |  |     var url = (req.originalUrl || req.url); | 
					
						
							| 
									
										
										
										
											2018-10-02 17:49:24 -06:00
										 |  |  |     // We don't want chrome showing the "Not Secure" badge during the redirect.
 | 
					
						
							|  |  |  |     var probablyBrowser = (0 === (req.headers['user-agent']||'').indexOf('Mozilla/')); | 
					
						
							|  |  |  |     // But we don't want devs, APIs, or Bots to accidentally browse insecure.
 | 
					
						
							|  |  |  |     var redirect = probablyBrowser ? opts.browsers : opts.apis; | 
					
						
							| 
									
										
										
										
											2015-07-07 17:19:44 -06:00
										 |  |  |     var host = req.headers.host || ''; | 
					
						
							| 
									
										
										
										
											2016-11-21 15:45:05 -07:00
										 |  |  | 		if (!/:\d+/.test(host) && 443 !== opts.port) { | 
					
						
							|  |  |  | 			// we are using standard port 80, but we aren't using standard port 443
 | 
					
						
							|  |  |  | 			host += ':80'; | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2015-07-07 17:19:44 -06:00
										 |  |  |     var newLocation = 'https://' | 
					
						
							|  |  |  |       + host.replace(/:\d+/, ':' + opts.port) + url | 
					
						
							|  |  |  |       ; | 
					
						
							| 
									
										
										
										
											2018-09-07 15:30:29 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-07-07 17:19:44 -06:00
										 |  |  |     //var encodedLocation = encodeURI(newLocation);
 | 
					
						
							|  |  |  |     var escapedLocation = escapeHtml(newLocation); | 
					
						
							| 
									
										
										
										
											2018-02-27 15:42:26 -07:00
										 |  |  |     var decodedLocation; | 
					
						
							| 
									
										
										
										
											2018-02-26 12:02:44 -07:00
										 |  |  |     try { | 
					
						
							| 
									
										
										
										
											2018-02-27 15:42:26 -07:00
										 |  |  |       decodedLocation = decodeURIComponent(newLocation); | 
					
						
							| 
									
										
										
										
											2018-02-26 12:02:44 -07:00
										 |  |  |     } catch(e) { | 
					
						
							| 
									
										
										
										
											2018-02-27 15:42:26 -07:00
										 |  |  |       decodedLocation = newLocation; // "#/error/?error_message=" + e.toString();
 | 
					
						
							| 
									
										
										
										
											2018-02-26 12:02:44 -07:00
										 |  |  |     } | 
					
						
							| 
									
										
										
										
											2018-09-07 15:30:29 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-07-07 17:19:44 -06:00
										 |  |  |     var body = opts.body | 
					
						
							| 
									
										
										
										
											2018-02-27 15:42:26 -07:00
										 |  |  |           .replace(/{{\s*HTML_URL\s*}}/ig, escapeHtml(decodedLocation)) | 
					
						
							| 
									
										
										
										
											2015-07-07 17:19:44 -06:00
										 |  |  |           .replace(/{{\s*URL\s*}}/ig, escapedLocation) | 
					
						
							|  |  |  |           .replace(/{{\s*UNSAFE_URL\s*}}/ig, newLocation) | 
					
						
							|  |  |  |           ; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     var metaRedirect = '' | 
					
						
							|  |  |  |       + '<html>\n' | 
					
						
							|  |  |  |       + '<head>\n' | 
					
						
							|  |  |  |       //+ '  <style>* { background-color: white; color: white; text-decoration: none; }</style>\n'
 | 
					
						
							|  |  |  |       + '  <META http-equiv="refresh" content="0;URL=\'' + escapedLocation + '\'">\n' | 
					
						
							|  |  |  |       + '</head>\n' | 
					
						
							| 
									
										
										
										
											2016-11-20 17:49:14 -08:00
										 |  |  |       + '<body>\n' + body + '\n</body>\n' | 
					
						
							| 
									
										
										
										
											2015-07-07 17:19:44 -06:00
										 |  |  |       + '</html>\n' | 
					
						
							|  |  |  |       ; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-10-02 17:49:24 -06:00
										 |  |  |     // If it's not a non-0 number (because null is 0) then 'meta' is assumed.
 | 
					
						
							|  |  |  |     if (redirect && isFinite(redirect)) { | 
					
						
							|  |  |  |       res.statusCode = redirect; | 
					
						
							| 
									
										
										
										
											2018-09-07 15:30:29 -04:00
										 |  |  |       res.setHeader('Location', newLocation); | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2015-07-07 17:19:44 -06:00
										 |  |  |     res.setHeader('Content-Type', 'text/html; charset=utf-8'); | 
					
						
							|  |  |  |     res.end(metaRedirect); | 
					
						
							|  |  |  |   }; | 
					
						
							|  |  |  | }; |