aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/http.zig14
1 files changed, 9 insertions, 5 deletions
diff --git a/src/http.zig b/src/http.zig
index 75a65775d..e7cd94d53 100644
--- a/src/http.zig
+++ b/src/http.zig
@@ -128,11 +128,15 @@ pub const RequestContext = struct {
if (protocol == null) {
determine_protocol: {
- // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Upgrade-Insecure-Requests
- if (this.header("Upgrade-Insecure-Requests") != null) {
- protocol = "https";
- break :determine_protocol;
- }
+ // Upgrade-Insecure-Requests doesn't work
+ // Browsers send this header to clients that are not running HTTPS
+ // We need to use protocol-relative URLs in import statements and in websocket handler, we need to send the absolute URL it received
+ // That will be our fix
+ // // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Upgrade-Insecure-Requests
+ // if (this.header("Upgrade-Insecure-Requests") != null) {
+ // protocol = "https";
+ // break :determine_protocol;
+ // }
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto
if (this.header("X-Forwarded-Proto")) |proto| {
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-20 18:14:15 +0000