Go to file
Max Carrara 933a4dbbaf fix #4494: redirect HTTP to HTTPS
Allow HTTP connections up until the request's header has been
parsed and processed. If no TLS handshake has been completed
beforehand, the server now responds with either a
'301 Moved Permanently' or a '308 Permanent Redirect' as noted in the
MDN web docs[1].

This is done after the header was parsed; for the redirect to work,
the `Host` header field of the request is used to create the
`Location` field of the response. This makes redirections independent
of how the server is accessed (e.g. via IP, localhost, FQDN, ...)
possible.

Upon redirection the client is immediately disconnected; otherwise,
they would have to wait for the connection to time out until
they may reconnect via TLS again.

[1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/301

Signed-off-by: Max Carrara <m.carrara@proxmox.com>
2023-03-07 11:19:32 +01:00
debian bump version to 4.1-6 2023-03-06 13:40:01 +01:00
src fix #4494: redirect HTTP to HTTPS 2023-03-07 11:19:32 +01:00
.gitignore fixup no newline at end of .gitignore 2018-05-25 16:42:05 +02:00
Makefile buildsys: change upload dist to bullseye 2021-10-04 10:21:12 +02:00