Pivotal CloudFoundry: Enforcing HTTPS (SSL)

后端未结

关注

 3  724

萌比男神i 2021-01-07 03:24

I want to enforce HTTPS for a Spring Boot application to be hosted at Pivotal CloudFoundry, and I think most of the applications would want this today. The common way of doi

3条回答

遥遥无期 (楼主)

2021-01-07 04:06
You need to check the x-forwarded-proto header. Here is a method to do this.
```
public boolean isSecure (HttpServletRequest request) {
    String protocol = request.getHeader("x-forwarded-proto");

    if (protocol == null) {
        return false;
    }
    else if (protocol.equals("https")) {
        return true;
    }
    else {
        return false;
    }
}
```
Additionally, I have created an example servlet that does this as well. https://hub.jazz.net/git/jsloyer/sslcheck

git clone https://hub.jazz.net/git/jsloyer/sslcheck

The app is running live at http://sslcheck.mybluemix.net and https://sslcheck.mybluemix.net.
0 讨论(0)

查看其它3个回答
发布评论:

提交评论
- 加载中...