Upgrade-Insecure-Requests redirect rule

First of all I love the new redirect rules tab. I find it very useful.

This is more of a request than a question. Under redirect rules I don’t see any way to redirect based on a specific HTTP header. The header in question is Upgrade-Insecure-Requests: 1. I want to redirect visitors to HTTPS based on this header. I don’t use Always Use HTTPS because its forceful redirection breaks TLS cert renewal.

You can write your own expression using http.request.headers.values, as described here:


any(http.request.headers["upgrade-insecure-requests"][*] == "1")

I don’t think Always Use HTTPS will force redirects for /.well-known/acme-challenge requests. I could be wrong on this, but it’s been a while since I’ve heard this as a sbumbling block.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.