Skip to content

Instantly share code, notes, and snippets.

@rowan-m
Created May 14, 2020 11:39
Show Gist options
  • Save rowan-m/51234296788fbfcb0efab7f011971ae9 to your computer and use it in GitHub Desktop.
Save rowan-m/51234296788fbfcb0efab7f011971ae9 to your computer and use it in GitHub Desktop.
ExpressJS always redirect to HTTPS with HSTS
const express = require('express');
const app = express();
app.use(function (req, res, next) {
if (req.secure) {
res.set('Strict-Transport-Security', 'max-age=63072000; includeSubdomains; preload');
return next();
}
res.redirect(301, 'https://' + req.headers.host + req.url);
});
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment