redirect http to https using node-red on IBM Bluemix

1
votes

Using node-red on Bluemix, I was able to get my application running on both http://example.com and https://example.com. However, I want my application to be secured and can be accessed only with https. I can not find the way to redirect http to https on node-red running on Bluemix. I found only the way to do it on node.js/express and other web servers.

I also tried to do the redirect on my application by detecting msg.req.headers.$wssc and use http request node to redirect to https url but it did not work (still got http response).

Configure redirect on DNS is also not an option because AFAIK, you can not redirect http://example.com to https://example.com but you can redirect http://example.com to https://www.example.com.

Please suggest.

1
ibm-cloudnode-red

1 Answers

3
votes

You should be able to do this by using the msg.req.headers.x-forwarded-proto value then sending a response with a 301 status e.g.

if (msg.req.headers['x-forwarded-proto'] == 'http') {
  msg.statusCode = 301;
  msg.headers = {
    location: 'https://' + msg.req.get('host') + msg.req.originalUrl
  }
  msg.payload = "";
  return [null, msg]
} else {
  return [msg, null]
}

If you put that in a function node with 2 outputs it will send the redirect out the second output else send it out the first.

You could also do this by adding your own httpNodeMiddleware function in settings.js like this:

....
httpNodeMiddleware: function(req, res, next){
  if (req.headers['x-forwarded-proto'] == 'http') {
     res.redirect(301, 'https://' + req.get('host') + req.originalUrl);
  } else {
    next();
  }
},
...

This method means you don't need any of the redirect logic in your flow

Side Note: You probably need to test for msg.req.headers['$wssc'] rather than msg.req.headers.$wssc.