New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
redirect-ssl
Advanced tools
redirect-ssl - npm Package Compare versions
Comparing version 1.1.0 to 1.2.0
13
index.js
@@ -9,3 +9,4 @@ const isHTTPS = require('is-https') | ||
| redirectUnknown: true, | ||
| statusCode: 307 | ||
| statusCode: 307, | ||
| redirect: process.env.NODE_ENV === 'production' | ||
| } | ||
@@ -15,3 +16,3 @@ | ||
| function create(options) { | ||
| const { xForwardedProto, redirectPort, redirectHost, statusCode, redirectUnknown } = Object.assign({}, defaults, options) | ||
| const { xForwardedProto, redirectPort, redirectHost, statusCode, redirectUnknown, redirect } = Object.assign({}, defaults, options) | ||
| const _port = redirectPort === 443 ? '' : (': ' + redirectPort) | ||
@@ -21,4 +22,4 @@ | ||
| const _isHttps = isHTTPS(req, xForwardedProto) | ||
| if (_isHttps === false || (redirectUnknown && _isHttps === null)) { | ||
| const shouldRedirect = _isHttps === false || (redirectUnknown && _isHttps === null) && redirect | ||
| if (shouldRedirect) { | ||
| const ـredirectURL = 'https://' + (redirectHost || req.headers.host) + _port + req.url | ||
@@ -33,3 +34,3 @@ res.writeHead(statusCode, { Location: ـredirectURL }) | ||
| // Create a new instance using defaults | ||
| // Create a new instance using defaults | ||
| const instance = create({}) | ||
@@ -41,2 +42,2 @@ | ||
| // Export default instance | ||
| module.exports = instance | ||
| module.exports = instance |
| { | ||
| "name": "redirect-ssl", | ||
| "version": "1.1.0", | ||
| "version": "1.2.0", | ||
| "description": "Connect middleware to enforce https", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -28,3 +28,3 @@ # redirect-ssl | ||
| - Default: `true` | ||
| Trust and check `x-forwarded-proto` header for HTTPS detection. | ||
@@ -34,3 +34,3 @@ | ||
| - Default: `443` | ||
| Redirect users to this port for HTTPS. (`:443` is omitted from URL as is default for `https://` schema) | ||
@@ -40,3 +40,3 @@ | ||
| - Default: `undefined` | ||
| Redirects using this value as host, if omitted will use request host for redirects. | ||
@@ -53,3 +53,8 @@ | ||
| - Default: `307` *Temporary Redirect* | ||
| ### redirect | ||
| - Default: Only when `process.env.NODE_ENV === 'production'` | ||
| Only enabled in production environment. Force redirecting locally by setting it to `true` | ||
| Status code when redirecting. The reason of choosing `307` for default is: | ||
@@ -61,2 +66,2 @@ - It prevents changing method from `POST` TO `GET` by user agents. (If you don't care, use `302` *Found*) | ||
| ## License | ||
| MIT - [Nuxt.js](https://nuxtjs.org) | ||
| MIT - [Nuxt.js](https://nuxtjs.org) |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.2%
12696
- Lines of code
- increased by7.32%
44
- Number of lines in readme file
- increased by10.53%
63
Worsened metrics
- Number of low supply chain risk alerts
- increased by100%
2
No dependency changes