From 2f01ee9b32458e6f1c5bb2152add8f76b0636bc4 Mon Sep 17 00:00:00 2001 From: Andrew Nowak Date: Tue, 20 Aug 2024 12:33:59 +0100 Subject: [PATCH] Forcibly upgrade all downloads to HTTPS Everything should be using HTTPS anyway, except that download links returned in the preview feed point to an HTTP S3 URL, and we block outbound requests to port 443 on the app's security group. --- associated-press/app/client/HttpClient.scala | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/associated-press/app/client/HttpClient.scala b/associated-press/app/client/HttpClient.scala index 9441cb3..dfd73f8 100644 --- a/associated-press/app/client/HttpClient.scala +++ b/associated-press/app/client/HttpClient.scala @@ -16,7 +16,11 @@ object HttpClient { headers: Seq[(String, String)] = Seq.empty, parameters: Seq[(String, String)] = Seq.empty ): Future[StandaloneWSResponse] = { - ws.url(uri) + // on the CODE env, the preview feed will return HTTP S3 URLs, but our + // security group only allows outbound requests on port 443... + // force all the URIs to HTTPS to allow the requests to complete. + val forcedHttps = uri.replaceAll("^http://", "https://") + ws.url(forcedHttps) .addHttpHeaders(headers: _*) .addQueryStringParameters(parameters: _*) .get()