HTTP -> HTTPS #9
Comments
|
I've put a lot of thought into this before. I've gotten a small handful of requests for this before, but I'm on the fence. I can absolutely understand seeing this as a deficiency of the tool, but I feel like it encourages bad use cases where inexperienced people think they need to redirect every url when they should instead be using a wildcard. If you have an SSL set up for your domain in this day and age, you basically always should just be redirecting HTTP wildcard to HTTPS Something like: RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://www.example.com/$1 |
|
I'm actually pondering instead just adding a warning to the output if the protocols don't match. I think that would be a decent compromise. |
|
I've created a small fix #11 to just that - error on scheme change. I think I'm going to sleep on it though. |
|
Yes, and no. Indeed it may have to be idiot-proof and do wildcard by default, but an option for scheme rule generated would be really good as well. You see in SEO we often see old indexed urls, that don't have 1:1 https representation, instead we redirect it to different URL, BUT the earlier used path may be used in future, so we don't want it to be wildcard redirected no matter the scheme used. |
|
Second example, hosts option should be available always: |
|
Keep in mind that RewriteCond %{HTTPS} !=on does not catch all, you also need RewriteCond %{HTTP:X-Forwarded-Proto} !https |
should provide http -> https rewrite cond if these mismatch
input:
http://example.org/example-path/ https://example.org/example-path/current output:
RewriteRule ^example\-path/$ /example\-path/? [L,R=301]expected output:
Maybe it should be as opt-in feature for the RewriteCond part, but the expected output RewriteRule definitely requires fix
The text was updated successfully, but these errors were encountered: