http: Don't use a Host matcher for HTTP->HTTPS redirects

In case on-demand TLS is enabled, in that case we don't know the only
names that have automatic HTTPS.

See https://caddy.community/t/v2-http-to-https-redirects-fail-for-on-demand-ssl-certs/6742?u=matt
This commit is contained in:
Matthew Holt 2020-01-09 14:39:49 -07:00
parent 590480513a
commit 994b9033e9
No known key found for this signature in database
GPG key ID: 2A349DD577D586A5

View file

@ -486,12 +486,7 @@ func (app *App) automaticHTTPS() error {
// create the route that does the redirect and associate // create the route that does the redirect and associate
// it with the listener address it will be served from // it with the listener address it will be served from
lnAddrRedirRoutes[httpRedirLnAddr] = Route{ lnAddrRedirRoutes[httpRedirLnAddr] = Route{
MatcherSets: []MatcherSet{ MatcherSets: []MatcherSet{{MatchProtocol("http")}},
{
MatchProtocol("http"),
MatchHost(domains),
},
},
Handlers: []MiddlewareHandler{ Handlers: []MiddlewareHandler{
StaticResponse{ StaticResponse{
StatusCode: WeakString(strconv.Itoa(http.StatusPermanentRedirect)), StatusCode: WeakString(strconv.Itoa(http.StatusPermanentRedirect)),