github/meteor
1
1
Fork 0
mirror of https://github.com/meteor/meteor.git synced 2026-05-02 03:01:46 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
11b7397857f71a938d016e9cd1ddbb4e4b94de4c
meteor/packages/force-ssl/README.md
Geoff Schmidt ebf14581a7 move force-ssl writeup from docs.meteor.com to a README
2014-10-13 22:33:05 -07:00

19 lines
749 B
Markdown
Raw Blame History

# force-ssl
This package, part of [Webapp](https://www.meteor.com/webapp), causes
Meteor to redirect insecure connections (HTTP) to a secure URL
(HTTPS). Use this package to ensure that communication to the server
is always encrypted to protect users from active spoofing attacks.
To simplify development, unencrypted connections from `localhost` are
always accepted over HTTP.
Application bundles (`meteor bundle`) do not include an HTTPS server or
certificate. A proxy server that terminates SSL in front of a Meteor
bundle must set the standard `x-forwarded-proto` header for the
`force-ssl` package to work.
Applications deployed to `meteor.com` subdomains with
`meteor deploy` are automatically served via HTTPS using Meteor's
certificate.
Reference in New Issue View Git Blame Copy Permalink