hlfhr

package module
v1.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 13, 2026 License: BSD-3-Clause Imports: 11 Imported by: 2

README

HTTPS Listener For HTTP Redirect

🌐 HTTP redirect to HTTPS on the same port using Golang.
It can also redirect from port 80 to port 443.

This is my original work - the first solution to the issue without modifying the standard library.

Setup

go get -u github.com/bddjr/hlfhr@latest

// Use [hlfhr.New]
srv := hlfhr.New(&http.Server{
	// Write something...
})

// Port 80 redirects to port 443.  
// This option only takes effect when listening on port 443.
// [hlfhr.Server.HlfhrHandler] is also using on port 80.
srv.Listen80RedirectTo443 = true

// Then just use it like [http.Server]
err := srv.ListenAndServeTLS("example.crt", "example.key")

For example:

  • Listening on port 8443, http://127.0.0.1:8443 will redirect to https://127.0.0.1:8443.
  • Listening on port 443, http://127.0.0.1 will redirect to https://127.0.0.1.

If you need to customize the redirect handler, see HlfhrHandler Example.

Versus

github.com/bddjr/hlfhr VS github.com/bddjr/hahosp

Feature hlfhr hahosp
Redirect to HTTPS without modify Server.Handler ❌ Need modify to hahosp.HandlerSelector
Listen 80 redirect to 443 ✅ Need config
Without modify Server.ListenAndServeTLS ❌ Need modify to hahosp.ListenAndServeTLS
Without modify type http.Server ❌ Need modity to hlfhr.Server
WebSocket on HTTP (not HTTPS) ❌ Unsupport http.Hijacker
Keep alive on HTTP (not HTTPS)

Logic

flowchart TD
	Read("Hijacking net.Conn.Read")

	IsLooksLikeHTTP("First byte looks like HTTP ?")

	CancelHijacking(["✅ Cancel hijacking..."])

	ReadRequest("🔍 Read request")

	IsHandlerExist("HlfhrHandler exist ?")

	Redirect{{"🟡 307 Redirect"}}

	Handler{{"💡 Handler"}}

	Close(["❌ Close."])

    Read --> IsLooksLikeHTTP
    IsLooksLikeHTTP -- "🔐false" --> CancelHijacking
    IsLooksLikeHTTP -- "📄true" --> ReadRequest --> IsHandlerExist
	IsHandlerExist -- "✖false" --> Redirect --> Close
	IsHandlerExist -- "✅true" --> Handler --> Close

HlfhrHandler Example

If you need http.Hijacker on HTTP (not HTTPS), please use github.com/bddjr/hahosp

// 308 Permanent Redirect
srv.HlfhrHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	hlfhr_utils.RedirectToHttps(w, r, 308)
})

// Check Host Header
srv.HlfhrHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	hostname, _port := r.Host, ""
	if !strings.HasSuffix(hostname, "]") {
		if i := strings.LastIndexByte(hostname, ':'); i != -1 {
			_port = hostname[i:]
			if _port == ":80" {
				_port = ""
			}
			hostname = hostname[:i]
		}
	}
	switch hostname {
	case "localhost":
		hlfhr_utils.RedirectToHttps(w, r, 307)
	case "www.localhost", "127.0.0.1", "[::1]":
		hlfhr_utils.RedirectToHttps_ModifyHost(w, r, 307, "localhost"+_port)
	default:
		w.WriteHeader(421)
	}
})

Documentation

Overview

HTTPS Listener For HTTP Redirect

🌐 HTTP redirect to HTTPS on the same port using Golang. It can also redirect from port 80 to port 443.

https://github.com/bddjr/hlfhr

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ListenAndServeTLS 

func ListenAndServeTLS(addr, certFile, keyFile string, handler http.Handler) error

ListenAndServeTLS acts identically to http.ListenAndServe, except that it expects HTTPS connections. Additionally, files containing a certificate and matching private key for the server must be provided. If the certificate is signed by a certificate authority, the certFile should be the concatenation of the server's certificate, any intermediates, and the CA's certificate.

If Listen80RedirectTo443 failed, the returned error is starts with "hlfhr: Listen80RedirectTo443 error: ".

func ServeTLS 

func ServeTLS(l net.Listener, handler http.Handler, certFile, keyFile string) error

ServeTLS accepts incoming HTTPS connections on the listener l, creating a new service goroutine for each. The service goroutines read requests and then call handler to reply to them.

The handler is typically nil, in which case http.DefaultServeMux is used.

Additionally, files containing a certificate and matching private key for the server must be provided. If the certificate is signed by a certificate authority, the certFile should be the concatenation of the server's certificate, any intermediates, and the CA's certificate.

If Listen80RedirectTo443 failed, the returned error is starts with "hlfhr: Listen80RedirectTo443 error: ".

Types

type Conn added in v0.2.0 

type Conn struct {
	net.Conn
	TLSConn *tls.Conn // If nil, it's reading TLS or serving port 80
	Server  *Server
}

func (*Conn) HlfhrServe added in v1.4.1 

func (c *Conn) HlfhrServe(b []byte, n int)

func (*Conn) Read added in v0.2.0 

func (c *Conn) Read(b []byte) (int, error)

type Server 

type Server struct {
	*http.Server

	// Handles HTTP requests sent to an HTTPS server.
	//
	// If you need [http.Hijacker] or [http.ResponseController.EnableFullDuplex],
	// please use https://github.com/bddjr/hahosp.
	HlfhrHandler http.Handler

	// Port 80 redirects to port 443.
	//
	// This option only takes effect when listening on port 443.
	//
	// [Server.HlfhrHandler] is also using on port 80.
	Listen80RedirectTo443 bool
}

func New 

func New(s *http.Server) *Server

New hlfhr Server

func NewServer 

func NewServer(s *http.Server) *Server

New hlfhr Server

func (*Server) ListenAndServeTLS 

func (s *Server) ListenAndServeTLS(certFile string, keyFile string) error

ListenAndServeTLS listens on the TCP network address srv.Addr and then calls ServeTLS to handle requests on incoming TLS connections. Accepted connections are configured to enable TCP keep-alives.

Filenames containing a certificate and matching private key for the server must be provided if neither the Server's TLSConfig.Certificates nor TLSConfig.GetCertificate are populated. If the certificate is signed by a certificate authority, the certFile should be the concatenation of the server's certificate, any intermediates, and the CA's certificate.

If srv.Addr is blank, ":https" is used.

If Listen80RedirectTo443 failed, the returned error is starts with "hlfhr: Listen80RedirectTo443 error: ".

After [Server.Shutdown] or [Server.Close], the returned error is http.ErrServerClosed.

func (*Server) ServeTLS 

func (s *Server) ServeTLS(l net.Listener, certFile string, keyFile string) error

ServeTLS accepts incoming connections on the Listener l, creating a new service goroutine for each. The service goroutines perform TLS setup and then read requests, calling srv.Handler to reply to them.

Files containing a certificate and matching private key for the server must be provided if neither the Server's TLSConfig.Certificates nor TLSConfig.GetCertificate are populated. If the certificate is signed by a certificate authority, the certFile should be the concatenation of the server's certificate, any intermediates, and the CA's certificate.

If Listen80RedirectTo443 failed, the returned error is starts with "hlfhr: Listen80RedirectTo443 error: ".

After [Server.Shutdown] or [Server.Close], the returned error is http.ErrServerClosed.

type TLSListener added in v1.3.0 

type TLSListener struct {
	net.Listener
	TLSConf *tls.Config
	Server  *Server
}

func (*TLSListener) Accept added in v1.3.0 

func (l *TLSListener) Accept() (net.Conn, error)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.