aux/keyserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Rename HTTPS env vars

Browse Source
This commit is contained in:
Tankred Hase 2016-06-10 19:42:00 +02:00
parent 7a8600ae9c
commit 7ae7c6da87
4 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -231,9 +231,9 @@ The `config/development.js` file can be used to configure a local development in
* SMTP_PASS=smtp_pass
* SENDER_NAME="OpenPGP Key Server"
* SENDER_EMAIL=noreply@example.com
* UPGRADE_HTTPS=true (upgrade HTTP requests to HTTPS and use [HSTS](https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security))
* PUBLIC_KEY_PIN=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning))
* PUBLIC_KEY_PIN_BACKUP=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning))
* HTTPS_UPGRADE=true (upgrade HTTP requests to HTTPS and use [HSTS](https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security))
* HTTPS_KEY_PIN=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning))
* HTTPS_KEY_PIN_BACKUP=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning))

6
config/default.js
View File

@ -6,9 +6,9 @@ module.exports = {
server: {
port: process.env.PORT || 8888,
upgradeHTTPS: process.env.UPGRADE_HTTPS,
publicKeyPin: process.env.PUBLIC_KEY_PIN,
publicKeyPinBackup: process.env.PUBLIC_KEY_PIN_BACKUP
httpsUpgrade: process.env.HTTPS_UPGRADE,
httpsKeyPin: process.env.HTTPS_KEY_PIN,
httpsKeyPinBackup: process.env.HTTPS_KEY_PIN_BACKUP
},
mongo: {

2
config/production.js
View File

@ -5,7 +5,7 @@ module.exports = {
},
server: {
upgradeHTTPS: process.env.UPGRADE_HTTPS || true // use HTTPS by default
httpsUpgrade: process.env.HTTPS_UPGRADE || true // use HTTPS by default
}
};

8
src/app.js
View File

@ -75,7 +75,7 @@ router.get('/', home);
// Redirect all http traffic to https
app.use(function *(next) {
if (util.isTrue(config.server.upgradeHTTPS) && util.checkHTTP(this)) {
if (util.isTrue(config.server.httpsUpgrade) && util.checkHTTP(this)) {
this.redirect('https://' + this.hostname + this.url);
} else {
yield next;
@ -84,11 +84,11 @@ app.use(function *(next) {
// Set HTTP response headers
app.use(function *(next) {
if (util.isTrue(config.server.upgradeHTTPS)) {
if (util.isTrue(config.server.httpsUpgrade)) {
this.set('Strict-Transport-Security', 'max-age=16070400');
}
if (config.server.publicKeyPin && config.server.publicKeyPinBackup) {
this.set('Public-Key-Pins', 'pin-sha256="' + config.server.publicKeyPin + '"; pin-sha256="' + config.server.publicKeyPinBackup + '"; max-age=16070400');
if (config.server.httpsKeyPin && config.server.httpsKeyPinBackup) {
this.set('Public-Key-Pins', 'pin-sha256="' + config.server.httpsKeyPin + '"; pin-sha256="' + config.server.httpsKeyPinBackup + '"; max-age=16070400');
}
this.set('Access-Control-Allow-Origin', '*');
this.set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');