1f349/violet
4
0
Fork 0
mirror of https://github.com/1f349/violet.git synced 2024-11-21 19:01:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add HSTS header

Browse Source
This commit is contained in:
Melon 2023-11-03 08:09:29 +00:00
parent 1194717a32
commit 37b0617e78
Signed by: melon
GPG Key ID: 6C9D970C50D26A25
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
servers/https.go
View File

@ -27,7 +27,10 @@ func NewHttpsServer(conf *conf.Conf) *http.Server {
return &http.Server{ return &http.Server{
Addr: conf.HttpsListen, Addr: conf.HttpsListen,
Handler: rateLimiter, Handler: http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
rw.Header().Set("Strict-Transport-Security", "max-age=63072000; includeSubDomains")
rateLimiter.ServeHTTP(rw, req)
}),
TLSConfig: &tls.Config{GetCertificate: func(info *tls.ClientHelloInfo) (*tls.Certificate, error) { TLSConfig: &tls.Config{GetCertificate: func(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
// error out on invalid domains // error out on invalid domains
if !conf.Domains.IsValid(info.ServerName) { if !conf.Domains.IsValid(info.ServerName) {