for WebRedirect, don't "match" when the destination URL has the same scheme,host,path, for doing http -> https redirects without loops

you can already get most http to https redirects through DontRedirectPlainHTTP in WebHandler, but that needs handlers for all paths. now you can just set up a redirect for a domain and all its path to baseurl https://domain (leaving other webdirect fields empty). when the request comes in with plain http, the redirect to https is done. that next request will also evaluate the same redirect rule. but it will not cause a match because it would redirect to the same scheme,host,path. so next webhandlers get a chance to serve. also clarify in webhandlers docs that also account & admin built-in handlers run first. related to issue #16
2025-07-12 12:24:38 +03:00 · 2023-03-08 23:29:44 +01:00
parent a9ef0f2aea
commit 8b0706e02d
7 changed files with 63 additions and 8 deletions
--- a/http/webserver.go
+++ b/http/webserver.go
@ -341,6 +341,19 @@ func HandleRedirect(h *config.WebRedirect, w http.ResponseWriter, r *http.Reques
 	if h.StatusCode != 0 {
 		code = h.StatusCode
 	}
+
+	// If we would be redirecting to the same scheme,host,path, we would get here again
+	// causing a redirect loop. Instead, this causes this redirect to not match,
+	// allowing to try the next WebHandler. This can be used to redirect all plain http
+	// requests to https.
+	reqscheme := "http"
+	if r.TLS != nil {
+		reqscheme = "https"
+	}
+	if reqscheme == u.Scheme && r.Host == u.Host && r.URL.Path == u.Path {
+		return false
+	}
+
 	http.Redirect(w, r, u.String(), code)
 	return true
 }