mirror of
https://github.com/meteor/meteor.git
synced 2026-05-02 03:01:46 -04:00
24 lines
775 B
HTML
24 lines
775 B
HTML
<template name="pkg_force_ssl">
|
|
{{#markdown}}
|
|
## `force-ssl`
|
|
|
|
This package causes Meteor to redirect insecure connections (HTTP) to a
|
|
secure URL (HTTPS). Use this package to ensure that communication to the
|
|
server is always encrypted to protect users from active spoofing
|
|
attacks.
|
|
|
|
To simplify development, unencrypted connections from `localhost` are
|
|
always accepted over HTTP.
|
|
|
|
Application bundles (`meteor bundle`) do not include an HTTPS server or
|
|
certificate. A proxy server that terminates SSL in front of a Meteor
|
|
bundle must set the standard `x-forwarded-proto` header for the
|
|
`force-ssl` package to work.
|
|
|
|
Applications deployed to `meteor.com` subdomains with
|
|
`meteor deploy` are automatically served via HTTPS using Meteor's
|
|
certificate.
|
|
|
|
{{/markdown}}
|
|
</template>
|