From 7ae7c6da870604d47e49c4315878d05077d936cc Mon Sep 17 00:00:00 2001 From: Tankred Hase Date: Fri, 10 Jun 2016 19:42:00 +0200 Subject: [PATCH] Rename HTTPS env vars --- README.md | 6 +++--- config/default.js | 6 +++--- config/production.js | 2 +- src/app.js | 8 ++++---- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index a1e8683..e12a388 100644 --- a/README.md +++ b/README.md @@ -231,9 +231,9 @@ The `config/development.js` file can be used to configure a local development in * SMTP_PASS=smtp_pass * SENDER_NAME="OpenPGP Key Server" * SENDER_EMAIL=noreply@example.com -* UPGRADE_HTTPS=true (upgrade HTTP requests to HTTPS and use [HSTS](https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security)) -* PUBLIC_KEY_PIN=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning)) -* PUBLIC_KEY_PIN_BACKUP=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning)) +* HTTPS_UPGRADE=true (upgrade HTTP requests to HTTPS and use [HSTS](https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security)) +* HTTPS_KEY_PIN=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning)) +* HTTPS_KEY_PIN_BACKUP=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning)) diff --git a/config/default.js b/config/default.js index 43653b3..fb0c886 100644 --- a/config/default.js +++ b/config/default.js @@ -6,9 +6,9 @@ module.exports = { server: { port: process.env.PORT || 8888, - upgradeHTTPS: process.env.UPGRADE_HTTPS, - publicKeyPin: process.env.PUBLIC_KEY_PIN, - publicKeyPinBackup: process.env.PUBLIC_KEY_PIN_BACKUP + httpsUpgrade: process.env.HTTPS_UPGRADE, + httpsKeyPin: process.env.HTTPS_KEY_PIN, + httpsKeyPinBackup: process.env.HTTPS_KEY_PIN_BACKUP }, mongo: { diff --git a/config/production.js b/config/production.js index e38fa9a..fd56c7d 100644 --- a/config/production.js +++ b/config/production.js @@ -5,7 +5,7 @@ module.exports = { }, server: { - upgradeHTTPS: process.env.UPGRADE_HTTPS || true // use HTTPS by default + httpsUpgrade: process.env.HTTPS_UPGRADE || true // use HTTPS by default } }; \ No newline at end of file diff --git a/src/app.js b/src/app.js index d210647..2a622b5 100644 --- a/src/app.js +++ b/src/app.js @@ -75,7 +75,7 @@ router.get('/', home); // Redirect all http traffic to https app.use(function *(next) { - if (util.isTrue(config.server.upgradeHTTPS) && util.checkHTTP(this)) { + if (util.isTrue(config.server.httpsUpgrade) && util.checkHTTP(this)) { this.redirect('https://' + this.hostname + this.url); } else { yield next; @@ -84,11 +84,11 @@ app.use(function *(next) { // Set HTTP response headers app.use(function *(next) { - if (util.isTrue(config.server.upgradeHTTPS)) { + if (util.isTrue(config.server.httpsUpgrade)) { this.set('Strict-Transport-Security', 'max-age=16070400'); } - if (config.server.publicKeyPin && config.server.publicKeyPinBackup) { - this.set('Public-Key-Pins', 'pin-sha256="' + config.server.publicKeyPin + '"; pin-sha256="' + config.server.publicKeyPinBackup + '"; max-age=16070400'); + if (config.server.httpsKeyPin && config.server.httpsKeyPinBackup) { + this.set('Public-Key-Pins', 'pin-sha256="' + config.server.httpsKeyPin + '"; pin-sha256="' + config.server.httpsKeyPinBackup + '"; max-age=16070400'); } this.set('Access-Control-Allow-Origin', '*'); this.set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');