I have deployed my application without hassle just by running gcloud app deploy command on GCP. Which takes the flexible environment as default. Yesterday I made the necessary customizations to have a custom domain for this app with ssl. Currently it works when I go to any of the following, http://example.com, https://example.com but I also want to force people to use https. Currently the http requests work as they are, I want them to be directed to https. I want to direct any user to https://example.com when they try to go to the website with http or without anything at all like example.com. How can this be achieved?
Here's my app.yaml:
api_version: go1
env: flex
runtime: go
I already tried to use handlers and secure attributes but it seems they are not valid for flexible environment.
Thanks.
Currently, flexible environment does not support HTTPS only directing by using app.yaml. However, this can be achieved in the server code by using a function like this,
func directToHttps(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
if r.URL.Scheme == "https" || strings.HasPrefix(r.Proto, "HTTPS") || r.Header.Get("X-Forwarded-Proto") == "https" {
next(w, r)
} else {
target := "https://" + r.Host + r.URL.Path
http.Redirect(w, r, target,
http.StatusTemporaryRedirect)
}
}
I wrapped this function to my handlers with negroni.
Working example can be found here: https://github.com/malisit/munhasir