Support HTTPS

[justanotherdot]

This should hopefully resolve #178. It uses the example given in the
micro examples of with-https. It has some rough edges still that
needed to be sanded down:

• Choosing a specific short flag name for ssl (and if the initial flag
  should still be called ssl; I'm tempted to rename it to https or what
  have you) - would like if someone chimed in about their design thoughts for this.

• The example always acks with 200 and the example object - should just be a matter of passing off the handler as fn to microHttps.

• It does not support compression and merely overwrites the previous
  server var - should also be trivial, just compress the handler before handing it off to whichever server will take it.

[justanotherdot]

I should be able to get to last two bullet points without much delay; the first needs someone to chime in on design wise. I'm also aiming to do some general cleanup with what I've introduced so it's not entirely set in stone yet but I'm happy to oblige any changes needed. 🙂

[justanotherdot]

Last commit should resolve the latter two bullet points; just need to know if we should change the flag name? (I'm going to vote 'yes'! Maybe https?)

[justanotherdot]

Also just realized there should probably be:

• a check for at least min of node v7.6 to support the async keyword unless it's unnecessary. Noticed that I had taken out the async keyword so this is no longer true.
• a way to pass the cert + key manually if one is inclined to do so, although I think I can save that for another PR if people are inclined to have it. I'm not sure about the design goals of serve especially in the context of zeit now.

Looks like http-serve has --ssl and -S for the flags they use, so it might be ok to keep it and introduce -S here for consistency. and it looks like we're already using -S here, so not sure what to put as an alternative.

[leo]

Fantastic PR! 😊

I added a few comments. I think we can release it after you've made the changes and then add support for custom certs if anyone is requesting it. I personally don't see a need for that.

Also please resolve the conflicts! 🙏

[leo]

Serve content using SSL

[justanotherdot]

Sounds good; wasn't sure what the ideal copy was so I figured someone would eventually chime in 😉

[leo]

Please add a newline after this line 😊

[justanotherdot]

Done 🙂

[leo]

This is not a package - it needs to be part of the "Native" import group.

[justanotherdot]

Sure thing; force of habit to add to the end and glossed over the comments 🙂

[justanotherdot]

Thanks! I'll be sure to run npm to update thepackage-lock.json 😄

[justanotherdot]

Per lib/server.js conflicts, I think the global version of prettier I have installed may be reintroducing that (package.json shows v1.7.3 whereas I'm running v1.7.4). I'll resolve here to circumvent it running.

Per package-lock.json I'll just resolve to what master has for now.

[justanotherdot]

Should be good, and should also be using the appropriate non-master (npm install) package-lock.json. 👍

I am a little worried I didn't update the ava snapshots correctly, though. It looks like the generated markdown swapped the position of the regular and minimist options. If someone can chime in about that I'd appreciate it 😄

[leo]

Thank you so much! I'll make sure to update the snapshots and lockfiles to be really sure.

[albinekb]

:nice: use of the micro example 👍

[justanotherdot]

No worries, and thanks for writing that example, @albinekb! Make hacking up the diff a snap 👌

[albinekb]

OSS FTW! 💯 👊

[jadbox]

This needs documentation in the README.

[plaffitt]

Does this feature has been disabled? The --ssl flag doesn't exists anymore, and neither nothing related to it in the --help flag.

[devinrhode2]

Indeed need documentation! I don't know what to do

[nermin99]

@justanotherdot What happened to your flag? The --ssl flag doesn't work anymore and there's only --ssl-cert and --ssl-key.

[justanotherdot]

I am unsure I’m afraid. I was not responsible for the change removed the flag. Looks like those new flags made their way in over at #520

…

On Thu, 13 Aug 2020 at 4:40 pm Nermin Skenderovic ***@***.***> wrote: @justanotherdot <https://github.com/justanotherdot> What happened to your flag? The --ssl flag doesn't work anymore and there's only --ssl-cert and --ssl-key. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#274 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABI2FECNMQHOUTMKMPJAVGTSAODGLANCNFSM4D6TOCHA> .

[nermin99]

@leo why was support for automatic HTTPS removed? As per #520 and #511 it is understandable that users might want to use manual certs and keys, but there is still, no even more, use cases for automatic SSL/HTTPS. One of the biggest reasons why serve is so popular is because it's a one-line command to literally "serve" your application. If a user wants or for some reason needs HTTPS they don't wanna have to go through a whole process of installing another tool just to get it.

Personally I stumbled upon serve when building my create-react-app and wanted to "serve" it. But because I use service workers and push notifications I need to serve it over HTTPS so I can test on other devices on the network. Sure I can get HTTPS for my self as per #520, but my co-workers can't, since they might not have their own manual certs and keys... you see the problem?

There is no reason why both manual and automatic HTTPS can't be supported.