From 2f80fb27bdfa2a66851d44ac6c66a64a3b82c97d Mon Sep 17 00:00:00 2001
From: Mischa POSLAWSKY <perl@shiar.org>
Date: Thu, 21 Oct 2021 00:20:26 +0200
Subject: [PATCH] htaccess: https redirect on Upgrade-Insecure-Requests header

Enables encryption on most modern browsers as frequently recommended,
without forcing (old or slow) clients if they don't need or want to.
---
 .htaccess | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.htaccess b/.htaccess
index 35296ee..f6a07f7 100644
--- a/.htaccess
+++ b/.htaccess
@@ -13,6 +13,11 @@ RewriteRule ^(vi(?=m$)|.*)           http://sheet.shiar.nl/$1 [R=301]
 RewriteRule ^vim$                    /vi [R=301]
 RewriteRule ^cc$                     /countries [R=301]
 
+# forward to https protocol if requested
+RewriteCond %{HTTPS}                          =off
+RewriteCond %{HTTP:Upgrade-Insecure-Requests} =1
+RewriteRule (.*)                     https://%{HTTP_HOST}/$1  [L]
+
 # serve vim commands when requesting /digraphs.ex as well
 RewriteRule    ^(digraphs)\.ex(/.*)?$ $1.vim$2
 
-- 
2.30.0