Hono•2y ago

middleware redirect from HTTPS to HTTP

I have set up this middleware to run on all my authenticated routes :
(simplified version) (notice the commented lines setting the protocol)

export const orgAndWebsiteMiddleware = async (c, next) => {
  const { user, token } = c.var;
  const { org, ws } = c.req.query();

  if (!org) {
    const url = new URL(c.req.url);
    url.searchParams.set('org', companies[0].id);
    url.searchParams.set('ws', companies[0].websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else if (!ws) {
    const url = new URL(c.req.url);
    const company = companies.find((company) => company.id === +c.req.query('org'));
    url.searchParams.set('ws', company?.websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else {
    const company = companies.find((company) => company.id === +c.req.query('org'));
    const website = company.websites.find((website) => website.id === +c.req.query('ws'));
    c.set('company', company);
    c.set('website', website);
  }
  return next();
};

export const orgAndWebsiteMiddleware = async (c, next) => {
  const { user, token } = c.var;
  const { org, ws } = c.req.query();

  if (!org) {
    const url = new URL(c.req.url);
    url.searchParams.set('org', companies[0].id);
    url.searchParams.set('ws', companies[0].websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else if (!ws) {
    const url = new URL(c.req.url);
    const company = companies.find((company) => company.id === +c.req.query('org'));
    url.searchParams.set('ws', company?.websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else {
    const company = companies.find((company) => company.id === +c.req.query('org'));
    const website = company.websites.find((website) => website.id === +c.req.query('ws'));
    c.set('company', company);
    c.set('website', website);
  }
  return next();
};

export const orgAndWebsiteMiddleware = async (c, next) => {
  const { user, token } = c.var;
  const { org, ws } = c.req.query();

  if (!org) {
    const url = new URL(c.req.url);
    url.searchParams.set('org', companies[0].id);
    url.searchParams.set('ws', companies[0].websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else if (!ws) {
    const url = new URL(c.req.url);
    const company = companies.find((company) => company.id === +c.req.query('org'));
    url.searchParams.set('ws', company?.websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else {
    const company = companies.find((company) => company.id === +c.req.query('org'));
    const website = company.websites.find((website) => website.id === +c.req.query('ws'));
    c.set('company', company);
    c.set('website', website);
  }
  return next();
};

export const orgAndWebsiteMiddleware = async (c, next) => {
  const { user, token } = c.var;
  const { org, ws } = c.req.query();

  if (!org) {
    const url = new URL(c.req.url);
    url.searchParams.set('org', companies[0].id);
    url.searchParams.set('ws', companies[0].websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else if (!ws) {
    const url = new URL(c.req.url);
    const company = companies.find((company) => company.id === +c.req.query('org'));
    url.searchParams.set('ws', company?.websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else {
    const company = companies.find((company) => company.id === +c.req.query('org'));
    const website = company.websites.find((website) => website.id === +c.req.query('ws'));
    c.set('company', company);
    c.set('website', website);
  }
  return next();
};

It all works works well, on page loads.
I am using HTMX and, without some extra work, all my ajax requests are also served through this middleware (by design)
Everything works well, on my computer, working with HTTP.
Once I run it in production (Bun, Hono, proxied through NGINX), my ajax requests stop working, as this middleware redirects to HTTP instead of HTTPS.
so, if i uncomment the lines setting

url.protocol = 'https

url.protocol = 'https

url.protocol = 'https

url.protocol = 'https, it now works.

This feels like undesired behaviour, is it?
Thank you

middleware redirect from HTTPS to HTTP

Similar Threads

Similar Threads

Similar Threads