res.redirect('/') from POST route redirects to HTTPS instead of HTTP in development #6638
Description
When running an Express.js application in a local development environment (served over HTTP), I'm observing an unexpected redirect to HTTPS when performing res.redirect('/') from a POST route. This behavior does not occur when redirecting from a GET route to a relative path, or when redirecting to a non-root path.
Steps to Reproduce:
Set up a basic Express.js application locally, explicitly configured to serve over HTTP (e.g., using const http = require("http"); http.createServer(app).listen(PORT);).
Define a simple POST route that performs a redirect to the root path:
const express = require('express');
const app = express();
app.use(express.json()); // Or express.urlencoded({ extended: true }) if handling form data
app.post('/test-post-redirect', (req, res) => {
// This is the problematic redirect
res.redirect('/');
});
// For comparison: A GET route that redirects to a non-root path (works as expected)
app.get('/test-get-redirect', (req, res) => {
res.redirect('/some-other-path'); // This correctly redirects to http://localhost:PORT/some-other-path
});
// Define the root and a test target for clarity
app.get('/', (req, res) => {
res.send('Welcome to the home page (HTTP)!');
});
app.get('/some-other-path', (req, res) => {
res.send('This path was reached via HTTP redirect.');
});
// Assuming app is listening on http://localhost:3000
From a client (e.g., Postman, browser fetch API, or a simple HTML form), send a POST request to http://localhost:PORT/test-post-redirect.
Expected Behavior:
The browser should redirect to http://localhost:PORT/.
Actual Behavior:
The browser redirects to https://localhost:PORT/.
Express version 5.0.1