https://github.com/jclem/koa-ssl

Enforce SSL for Koa apps
https://github.com/jclem/koa-ssl

Last synced: 3 months ago
JSON representation

Enforce SSL for Koa apps

• Host: GitHub
• URL: https://github.com/jclem/koa-ssl
• Owner: jclem
• Created: 2014-04-18T19:07:33.000Z (about 11 years ago)
• Default Branch: master
• Last Pushed: 2018-08-10T22:00:19.000Z (almost 7 years ago)
• Last Synced: 2025-04-10T17:31:10.710Z (3 months ago)
• Language: JavaScript
• Homepage: http://npm.im/koa-ssl
• Size: 7.81 KB
• Stars: 12
• Watchers: 1
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# koa-ssl

[![Circle CI](https://circleci.com/gh/jclem/koa-ssl.svg?style=svg)](https://circleci.com/gh/jclem/koa-ssl)

koa-ssl enforces SSL for [Koa][koa] apps.

## Use

Simply require and use the function exported by this module:

```javascript

var ssl = require('koa-ssl');

var app = require('koa')();

app.use(ssl());

```

The function takes an optional object of options:

- `disabled`: (default `false`) If `true`, this middleware will allow all

requests through.

- `trustProxy`: (default `false`) If `true`, trust the `x-forwarded-proto`

header. If it is "https", requests are allowed through.

- `disallow`: A non-Generator function called with the Koa context so that the

user can handle rejecting non-SSL requests themselves.

By default, this middleware will only run when `process.env.NODE_ENV` is set to

"production". Unless a `disallow` function is supplied it will respond with the

status code 403 and the body "Please use HTTPS when communicating with this

server."

## Thanks, Heroku

While I created and maintain this project, it was done while I was an employee

of [Heroku][heroku] on the Human Interfaces Team, and they were kind enough to

allow me to open source the work. Heroku is awesome.

[heroku]: https://www.heroku.com/home

[koa]: https://github.com/koajs/koa