Ad
How To Ensure HTTP Trigger Will Be Called Only Via HTTPS?
I'm building an API on Cloud Functions with NodeJS and Express (Firebase) and I'd like to accept only calls via HTTPs so calls made over plain HTTP will fail. Is it possible to do it?
Ad
Answer
You should examine the request object being passed to your function. It's going to be an Express type Request object. Request has a property called protocol that should be "https". So:
functions.https.onRequest((req, res) => {
if (req.protocol !== "https") {
// reject the request
res.sendStatus(403)
}
})
Ad
source: stackoverflow.com
Related Questions
- → Maximum call stack exceeded when instantiating class inside of a module
- → Browserify api: how to pass advanced option to script
- → Node.js Passing object from server.js to external modules?
- → gulp-rename makes copies, but does not replace
- → requiring RX.js in node.js
- → Remove an ObjectId from an array of objectId
- → Can not connect to Redis
- → React: How to publish page on server using React-starter-kit
- → Express - better pattern for passing data between middleware functions
- → Can't get plotly + node.js to stream data coming through POST requests
- → IsGenerator implementation
- → Async/Await not waiting
- → (Socket.io on nodejs) Updating div with mysql data stops without showing error
Ad