CODEWITHSUNDEEP
google-app-enginesslgohttpsgoogle-cloud-platform
malisit
malisit

Reputation: 1258

Google Cloud Platform, Golang Flexible Environment HTTPS only for custom domain

I have deployed my application without hassle just by running gcloud app deploy command on GCP. Which takes the flexible environment as default. Yesterday I made the necessary customizations to have a custom domain for this app with ssl. Currently it works when I go to any of the following, http://example.com, https://example.com but I also want to force people to use https. Currently the http requests work as they are, I want them to be directed to https. I want to direct any user to https://example.com when they try to go to the website with http or without anything at all like example.com. How can this be achieved?

Here's my app.yaml:

api_version: go1
env: flex
runtime: go

I already tried to use handlers and secure attributes but it seems they are not valid for flexible environment.

Thanks.

Upvotes: 1

Views: 379

Answers (1)

malisit
malisit

Reputation: 1258

Currently, flexible environment does not support HTTPS only directing by using app.yaml. However, this can be achieved in the server code by using a function like this,

func directToHttps(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
    if r.URL.Scheme == "https" || strings.HasPrefix(r.Proto, "HTTPS") || r.Header.Get("X-Forwarded-Proto") == "https" {
        next(w, r)
    } else {
        target := "https://" + r.Host + r.URL.Path

        http.Redirect(w, r, target,
            http.StatusTemporaryRedirect)
    }
}

I wrapped this function to my handlers with negroni.

Working example can be found here: https://github.com/malisit/munhasir

Upvotes: 2

Related Questions