diff --git a/src/webauthn/mod.ts b/src/webauthn/mod.ts index 4d55e20..f8eaf17 100644 --- a/src/webauthn/mod.ts +++ b/src/webauthn/mod.ts @@ -1,6 +1,11 @@ export function getRelyingParty(url: string | URL) { url = new URL(url) + // Prevent protocol mismatch when server is behind a proxy + if (!['localhost', '127.0.0.1', '0.0.0.0'].includes(url.hostname)) { + url.protocol = 'https' + } + return { /** * Human-readable title for your website