H
Honoβ€’5mo ago
rubberduckies

middleware redirect from HTTPS to HTTP

I have set up this middleware to run on all my authenticated routes : (simplified version) (notice the commented lines setting the protocol) 
export const orgAndWebsiteMiddleware = async (c, next) => {
  const { user, token } = c.var;
  const { org, ws } = c.req.query();

  if (!org) {
    const url = new URL(c.req.url);
    url.searchParams.set('org', companies[0].id);
    url.searchParams.set('ws', companies[0].websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else if (!ws) {
    const url = new URL(c.req.url);
    const company = companies.find((company) => company.id === +c.req.query('org'));
    url.searchParams.set('ws', company?.websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else {
    const company = companies.find((company) => company.id === +c.req.query('org'));
    const website = company.websites.find((website) => website.id === +c.req.query('ws'));
    c.set('company', company);
    c.set('website', website);
  }
  return next();
};
export const orgAndWebsiteMiddleware = async (c, next) => {
  const { user, token } = c.var;
  const { org, ws } = c.req.query();

  if (!org) {
    const url = new URL(c.req.url);
    url.searchParams.set('org', companies[0].id);
    url.searchParams.set('ws', companies[0].websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else if (!ws) {
    const url = new URL(c.req.url);
    const company = companies.find((company) => company.id === +c.req.query('org'));
    url.searchParams.set('ws', company?.websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else {
    const company = companies.find((company) => company.id === +c.req.query('org'));
    const website = company.websites.find((website) => website.id === +c.req.query('ws'));
    c.set('company', company);
    c.set('website', website);
  }
  return next();
};
It all works works well, on page loads. I am using HTMX and, without some extra work, all my ajax requests are also served through this middleware (by design) Everything works well, on my computer, working with HTTP. Once I run it in production (Bun, Hono, proxied through NGINX), my ajax requests stop working, as this middleware redirects to HTTP instead of HTTPS. so, if i uncomment the lines setting url.protocol = 'https, it now works. This feels like undesired behaviour, is it? Thank you
3 Replies
rubberduckies
rubberduckiesOPβ€’5mo ago
[UPDATE]: In the meantime, i realized i don't even have to make the redirects on ajax calls, as i can get the query string from referer, but my question still stands... 
export const orgAndWebsiteMiddleware = async (c, next) => {
  const { user, token } = c.var;
  const referrer = c.req.header('referer');
  const referrerUrl = referrer && new URL(c.req.header('referer'));
  const org = c.req.query('org') || referrerUrl?.searchParams.get('org');
  const ws = c.req.query('ws') || referrerUrl?.searchParams.get('ws');
  ...
}
export const orgAndWebsiteMiddleware = async (c, next) => {
  const { user, token } = c.var;
  const referrer = c.req.header('referer');
  const referrerUrl = referrer && new URL(c.req.header('referer'));
  const org = c.req.query('org') || referrerUrl?.searchParams.get('org');
  const ws = c.req.query('ws') || referrerUrl?.searchParams.get('ws');
  ...
}
blurSkye πŸ‡΅πŸ‡ΈπŸ‰
blurSkye πŸ‡΅πŸ‡ΈπŸ‰β€’5mo ago
can you not enable force acme or something on your reverse proxy server(for example in nginx)?
rubberduckies
rubberduckiesOPβ€’5mo ago
i'll look into it thank you
Want results from more Discord servers?
Add your server