middleware redirect from HTTPS to HTTP

I have set up this middleware to run on all my authenticated routes :
(simplified version) (notice the commented lines setting the protocol)

export const orgAndWebsiteMiddleware = async (c, next) => {
  const { user, token } = c.var;
  const { org, ws } = c.req.query();

  if (!org) {
    const url = new URL(c.req.url);
    url.searchParams.set('org', companies[0].id);
    url.searchParams.set('ws', companies[0].websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else if (!ws) {
    const url = new URL(c.req.url);
    const company = companies.find((company) => company.id === +c.req.query('org'));
    url.searchParams.set('ws', company?.websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else {
    const company = companies.find((company) => company.id === +c.req.query('org'));
    const website = company.websites.find((website) => website.id === +c.req.query('ws'));
    c.set('company', company);
    c.set('website', website);
  }
  return next();
};

export const orgAndWebsiteMiddleware = async (c, next) => {
  const { user, token } = c.var;
  const { org, ws } = c.req.query();

  if (!org) {
    const url = new URL(c.req.url);
    url.searchParams.set('org', companies[0].id);
    url.searchParams.set('ws', companies[0].websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else if (!ws) {
    const url = new URL(c.req.url);
    const company = companies.find((company) => company.id === +c.req.query('org'));
    url.searchParams.set('ws', company?.websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else {
    const company = companies.find((company) => company.id === +c.req.query('org'));
    const website = company.websites.find((website) => website.id === +c.req.query('ws'));
    c.set('company', company);
    c.set('website', website);
  }
  return next();
};

It all works works well, on page loads.
I am using HTMX and, without some extra work, all my ajax requests are also served through this middleware (by design)
Everything works well, on my computer, working with HTTP.
Once I run it in production (Bun, Hono, proxied through NGINX), my ajax requests stop working, as this middleware redirects to HTTP instead of HTTPS.
so, if i uncomment the lines setting

url.protocol = 'https

url.protocol = 'https

, it now works.

This feels like undesired behaviour, is it?
Thank you

Hono•2y ago•

4 replies

pastilhas

middleware redirect from HTTPS to HTTP

I have set up this middleware to run on all my authenticated routes :
(simplified version) (notice the commented lines setting the protocol)

export const orgAndWebsiteMiddleware = async (c, next) => {
  const { user, token } = c.var;
  const { org, ws } = c.req.query();

  if (!org) {
    const url = new URL(c.req.url);
    url.searchParams.set('org', companies[0].id);
    url.searchParams.set('ws', companies[0].websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else if (!ws) {
    const url = new URL(c.req.url);
    const company = companies.find((company) => company.id === +c.req.query('org'));
    url.searchParams.set('ws', company?.websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else {
    const company = companies.find((company) => company.id === +c.req.query('org'));
    const website = company.websites.find((website) => website.id === +c.req.query('ws'));
    c.set('company', company);
    c.set('website', website);
  }
  return next();
};

export const orgAndWebsiteMiddleware = async (c, next) => {
  const { user, token } = c.var;
  const { org, ws } = c.req.query();

  if (!org) {
    const url = new URL(c.req.url);
    url.searchParams.set('org', companies[0].id);
    url.searchParams.set('ws', companies[0].websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else if (!ws) {
    const url = new URL(c.req.url);
    const company = companies.find((company) => company.id === +c.req.query('org'));
    url.searchParams.set('ws', company?.websites[0]?.id);
    // url.protocol = isProduction ? 'https' : 'http';
    return c.redirect(url.toString());
  } else {
    const company = companies.find((company) => company.id === +c.req.query('org'));
    const website = company.websites.find((website) => website.id === +c.req.query('ws'));
    c.set('company', company);
    c.set('website', website);
  }
  return next();
};

url.protocol = 'https

url.protocol = 'https

, it now works.

This feels like undesired behaviour, is it?
Thank you

middleware redirect from HTTPS to HTTP

Similar Threads

middleware redirect from HTTPS to HTTP

Similar Threads

Similar Threads

Similar Threads