(github.com)

188 points jcbhmr | 1 comments | 14 Nov 24 03:04 UTC | HN request time: 0.207s | source

Show context

pushupentry1219 ◴[14 Nov 24 04:54 UTC] No.42133267[source]▶

Not sure how I feel about the HTTPS/TLS related bits. These days anything I write in Go uses plain HTTP, and the TLS is done by a reverse proxy of some variety that does some other stuff with the traffic too including security headers, routing for different paths to different services, etc. I never run a go web application "bare", public facing, and manually supplying cert files.

replies(6): >>42133422 #>>42133588 #>>42133628 #>>42134049 #>>42134283 #>>42135953 #

1. Thorrez ◴[14 Nov 24 13:27 UTC] No.42135953[source]▶

>>42133267 #

What HTTPS/TLS related bits are you talking about? The code looks like it supports your use case. It has a "BehindProxy" setting:

https://github.com/google/go-safeweb/blob/c2d1215a6a2445915c...

↑

Go-Safeweb