diff --git a/kurl_proxy/assets/insecure.html b/kurl_proxy/assets/tls-warning.html
similarity index 100%
rename from kurl_proxy/assets/insecure.html
rename to kurl_proxy/assets/tls-warning.html
diff --git a/kurl_proxy/assets/welcome.html b/kurl_proxy/assets/welcome.html
index 5ecc7d848e..70d12f4243 100644
--- a/kurl_proxy/assets/welcome.html
+++ b/kurl_proxy/assets/welcome.html
@@ -19,7 +19,7 @@
.replace(/\/$/, "");
var httpsLink = "http:" + rawLink;
var opensslLink = rawLink.substring(2).replace("/", "");
- var insecureLink = httpsLink + "/insecure";
+ var insecureLink = httpsLink + "/tls-warning";
diff --git a/kurl_proxy/cmd/main.go b/kurl_proxy/cmd/main.go
index 4e7810d75c..38df41263c 100644
--- a/kurl_proxy/cmd/main.go
+++ b/kurl_proxy/cmd/main.go
@@ -275,11 +275,34 @@ func getHttpServer(fingerprint string, acceptAnonymousUploads bool, assetsDir st
}
appIcon := template.URL(app.Spec.Icon)
- htmlPage := "welcome.html"
- if c.Request.URL.Path == "/insecure" {
- htmlPage = "insecure.html"
+ c.HTML(http.StatusOK, "welcome.html", gin.H{
+ "fingerprintSHA1": fingerprint,
+ "AppIcon": appIcon,
+ "AppTitle": app.Spec.Title,
+ "IsEmbeddedCluster": isEmbeddedCluster(),
+ })
+ })
+ r.GET("/tls-warning", func(c *gin.Context) {
+ if !acceptAnonymousUploads {
+ log.Println("TLS certs already uploaded, redirecting to https")
+ target := url.URL{
+ Scheme: "https",
+ Host: c.Request.Host,
+ Path: c.Request.URL.Path,
+ RawQuery: c.Request.URL.RawQuery,
+ }
+ // Returns StatusFound (302) to avoid browser caching
+ c.Redirect(http.StatusFound, target.String())
+ return
+ }
+
+ app, err := kotsadmApplication()
+
+ if err != nil {
+ log.Printf("No kotsadm application metadata: %v", err) // continue
}
- c.HTML(http.StatusOK, htmlPage, gin.H{
+ appIcon := template.URL(app.Spec.Icon)
+ c.HTML(http.StatusOK, "tls-warning.html", gin.H{
"fingerprintSHA1": fingerprint,
"AppIcon": appIcon,
"AppTitle": app.Spec.Title,