Last active
December 14, 2015 09:59
-
-
Save vanthome/5069041 to your computer and use it in GitHub Desktop.
For nodejs: Find out whether a client connection which might be proxied by front-end apache or nginx server OR is directly terminated by node is protected by SSL / TLS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var util = require('utile'), | |
| propUtil = require('./propUtil'); | |
| // Find out whether the client connection is encrypted | |
| var isClientOnTls = function(req) { | |
| var isEncrypted = true; | |
| if(req.connection.encrypted === undefined) { // Derive from nodejs internals | |
| isEncrypted = false; | |
| } | |
| var forwardedHeader = propUtil.get(req, 'headers.x-forwarded-proto'); | |
| if (forwardedHeader === 'https') { // Derive from front-end infrastructure injected header | |
| isEncrypted = true; | |
| } else { | |
| isEncrypted = false; | |
| } | |
| return isEncrypted; | |
| } | |
| exports.isClientOnTls = isClientOnTls; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment