Table of Contents
https
Note: The https interface as been changed from Hop-3.2.0 and Hop-3.3.0 this document only refers to the latter version.
Hop can accept http connections, https connections, or both
simultaneously. This is chosen on the command line, that is before
Hop starts, and this can no longer be modified once it is running.
A running Hop instance can check which protocol are supported by checking
the hop.ports value or the config.HTTPPort and config.HTTPSport.
These variable are read-only. See hop and
config for details.
A service can determine the protocol used to emit an incoming request
by checking the if the ssl protocol is used by the underlying socket.
Within the body of a service, this can be obtained with: this.socket.ssl.
See services for details.
Hop invocation
The following example, shows how to redirect incoming http connexion to
their https counterpart. In the example below if a non-https connection
is received and if the server session enables https connection, the function
return is Hop response that redirects the client to the corresponding
http port.
The following example shows how to run Hop with http connection listened
to the port 9999 and https connections listended to the port 8888.
$ hop -p 9999 --https-port 8888 --https-pkey key.pem --https-cert cert.pemCertificate and Keys
With openssl, a self signed certificate can be generated by:
$ ${ doc.include( doc.BUILDDIR + "/doc/dev/selfsigned.sh" )}Automatic Redirections
As Hop can accepts both http and https connections, it might be
useful to redirect one to the other either on a per service basis or
globally. THis section shows how to implement these redirections.
Per service redirection
Hop introspection enables services to know about the protocols used to
emit requests and the protocols that are available. This, for
instance, enables services to automatically redirect http connections
to https connections. Here is an example of code implementing such a
redirection.
redirect.js
service mySvc() {
return HTTPtoHTTPs( this ) || ...;
}
function HTTPtoHTTPS( req ) {
if( config.HTTPSPort && !req.socket.ssl ) {
return hop.HTTPResponseString( "",
{
startLine: "HTTP/1.0 307 Temporary Redirect",
header: { "location": `https://${req.host}:${config.HTTPSPort}${req.abspath}` }
} );
} else {
return false;
}
}
Global redirection
Using request filters it is possible to
intercept all incoming requests and redirecting them if there are not
using the https protocol. Example:
redirect2.js
"use strict";
const config = require( hop.config );
hop.addRequestFilterFirst( req => {
if( config.HTTPSPort && !req.socket.ssl ) {
console.log( "redirection..." );
return hop.HTTPResponseString( "",
{
startLine: "HTTP/1.0 307 Temporary Redirect",
header: { "location": `https://${req.host}:${config.HTTPSPort}${req.abspath}` }
} );
} else {
return false;
}
} );
service foo() {
console.log( this.socket.ssl );
if( this.socket.ssl ) {
return "ssl";
} else {
return "unsecure";
}
}