From 1d6f78d3558f86ea5dc42e90219b25e80fbee5ed Mon Sep 17 00:00:00 2001 From: Seyi Adebajo Date: Tue, 24 Apr 2018 11:26:12 -0700 Subject: [PATCH 1/2] redirects to https for unsecure locations on app transition --- wherehows-web/app/router.js | 7 +++++++ wherehows-web/app/utils/build-url.ts | 12 ++++++++++++ 2 files changed, 19 insertions(+) diff --git a/wherehows-web/app/router.js b/wherehows-web/app/router.js index dfb32047f3..0c41564c59 100644 --- a/wherehows-web/app/router.js +++ b/wherehows-web/app/router.js @@ -3,6 +3,7 @@ import { get, getWithDefault } from '@ember/object'; import { inject as service } from '@ember/service'; import { scheduleOnce } from '@ember/runloop'; import config from './config/environment'; +import { redirectToHttps } from 'wherehows-web/utils/build-url'; const AppRouter = Router.extend({ location: config.locationType, @@ -11,6 +12,12 @@ const AppRouter = Router.extend({ metrics: service(), + willTransition() { + this._super(...arguments); + + redirectToHttps(window.location); + }, + didTransition() { this._super(...arguments); diff --git a/wherehows-web/app/utils/build-url.ts b/wherehows-web/app/utils/build-url.ts index ac4a3807aa..fe7cf13a5e 100644 --- a/wherehows-web/app/utils/build-url.ts +++ b/wherehows-web/app/utils/build-url.ts @@ -39,3 +39,15 @@ export default (baseUrl: string, queryParam: string, queryValue: string): string return `${baseUrl}${separator}${queryParam}=${queryValue}`; }; + +/** + * Sets the href on a location object if the protocol is not https + * @param {Location} { protocol, href } + */ +export const redirectToHttps = ({ protocol, href, hostname }: Location): void => { + const secureProtocol = 'https:'; + + if (protocol !== secureProtocol && hostname !== 'localhost') { + window.location.replace(`${secureProtocol}${href.substring(protocol.length)}`); + } +}; From 872d1cda6d1227160f5817def25f19200910f3ed Mon Sep 17 00:00:00 2001 From: Seyi Adebajo Date: Wed, 2 May 2018 23:32:43 -0700 Subject: [PATCH 2/2] adds cli application configs for secure-redirection --- wherehows-web/app/router.js | 7 +++++-- wherehows-web/config/environment.js | 3 +-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/wherehows-web/app/router.js b/wherehows-web/app/router.js index 0c41564c59..d3055f7cdf 100644 --- a/wherehows-web/app/router.js +++ b/wherehows-web/app/router.js @@ -2,7 +2,7 @@ import Router from '@ember/routing/router'; import { get, getWithDefault } from '@ember/object'; import { inject as service } from '@ember/service'; import { scheduleOnce } from '@ember/runloop'; -import config from './config/environment'; +import config from 'wherehows-web/config/environment'; import { redirectToHttps } from 'wherehows-web/utils/build-url'; const AppRouter = Router.extend({ @@ -13,9 +13,12 @@ const AppRouter = Router.extend({ metrics: service(), willTransition() { + const { APP: { useSecureRedirect } } = config; this._super(...arguments); - redirectToHttps(window.location); + if (useSecureRedirect) { + redirectToHttps(window.location); + } }, didTransition() { diff --git a/wherehows-web/config/environment.js b/wherehows-web/config/environment.js index ba060ae48a..c63f18343b 100644 --- a/wherehows-web/config/environment.js +++ b/wherehows-web/config/environment.js @@ -18,8 +18,7 @@ module.exports = function(environment) { }, APP: { - // Here you can pass flags/options to your application instance - // when it is created + useSecureRedirect: true }, eyeglass: {