From 1e723be556ddc38222ecd95aafe24c05aef9320b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 14 Nov 2022 14:17:05 -0800 Subject: [PATCH] chore(deps): bump koa-sslify from 2.1.2 to 5.0.0 (#4424) * chore(deps): bump koa-sslify from 2.1.2 to 5.0.0 Bumps [koa-sslify](https://github.com/turboMaCk/koa-sslify) from 2.1.2 to 5.0.0. - [Release notes](https://github.com/turboMaCk/koa-sslify/releases) - [Changelog](https://github.com/turboMaCk/koa-sslify/blob/master/CHANGELOG.md) - [Commits](https://github.com/turboMaCk/koa-sslify/compare/2.1.2...5.0.0) --- updated-dependencies: - dependency-name: koa-sslify dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * Nice try dependabot Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tom Moor --- package.json | 4 ++-- server/services/web.ts | 4 ++-- yarn.lock | 16 ++++++++-------- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/package.json b/package.json index d8a75f2d6..a3ef806d6 100644 --- a/package.json +++ b/package.json @@ -124,7 +124,7 @@ "koa-onerror": "^4.2.0", "koa-router": "7.4.0", "koa-send": "5.0.1", - "koa-sslify": "2.1.2", + "koa-sslify": "5.0.0", "koa-useragent": "^4.1.0", "lodash": "^4.17.21", "mammoth": "^1.4.19", @@ -252,7 +252,7 @@ "@types/koa-mount": "^4.0.1", "@types/koa-router": "^7.4.4", "@types/koa-send": "^4.1.3", - "@types/koa-sslify": "^2.1.0", + "@types/koa-sslify": "^4.0.3", "@types/koa-useragent": "^2.1.2", "@types/markdown-it": "^12.2.3", "@types/markdown-it-container": "^2.0.5", diff --git a/server/services/web.ts b/server/services/web.ts index 9b3decbea..fa31e134e 100644 --- a/server/services/web.ts +++ b/server/services/web.ts @@ -6,7 +6,7 @@ import { referrerPolicy, } from "koa-helmet"; import mount from "koa-mount"; -import enforceHttps from "koa-sslify"; +import enforceHttps, { xForwardedProtoResolver } from "koa-sslify"; import env from "@server/env"; import Logger from "@server/logging/Logger"; import routes from "../routes"; @@ -40,7 +40,7 @@ export default function init(app: Koa = new Koa()): Koa { if (env.FORCE_HTTPS) { app.use( enforceHttps({ - trustProtoHeader: true, + resolver: xForwardedProtoResolver, }) ); } else { diff --git a/yarn.lock b/yarn.lock index 179065fbb..eb7c044ce 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2959,10 +2959,10 @@ dependencies: "@types/koa" "*" -"@types/koa-sslify@^2.1.0": - version "2.1.0" - resolved "https://registry.yarnpkg.com/@types/koa-sslify/-/koa-sslify-2.1.0.tgz#549f0ffed299f355228f773168c3de5662553876" - integrity sha512-wd6P0lPcnj5TWruzLucmQ75cdxkYVSimNAEpyKNRJ4wju8jruhJZYGod4l2R9ODq3LoBKtp/yd6PZu7c+w5/xg== +"@types/koa-sslify@^4.0.3": + version "4.0.3" + resolved "https://registry.yarnpkg.com/@types/koa-sslify/-/koa-sslify-4.0.3.tgz#c0fe5a3abe9ec3a8ca9225b7c467b54f505c083b" + integrity sha512-FfbgV4Dex2FtnonU6uAA0BhEh+pGTWY63UkP14+StrlC0e3RNOGx6GZc3HMN3wzBRNchLhcnkyO7/hHLnx3bPw== dependencies: "@types/koa" "*" @@ -10142,10 +10142,10 @@ koa-send@5.0.1, koa-send@^5.0.0: http-errors "^1.7.3" resolve-path "^1.4.0" -koa-sslify@2.1.2: - version "2.1.2" - resolved "https://registry.yarnpkg.com/koa-sslify/-/koa-sslify-2.1.2.tgz#8947fd53949d69d539607814097863c1ecf38f30" - integrity sha1-iUf9U5SdadU5YHgUCXhjwezzjzA= +koa-sslify@5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/koa-sslify/-/koa-sslify-5.0.0.tgz#f3047de9afc92ad960208cea87fcac43795791a7" + integrity sha512-3Qc/DxPcH4BavYkt7xOVDFbaS7nR8oCozb/0dlIpLlyGVhFXcjHETWBwE3QrDLwjKOVJj6ykwRJoNzPT9QxCag== koa-static@^5.0.0: version "5.0.0"