Documentation
¶
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type HSTS ¶
type HSTS struct {
MaxAge time.Duration
IncludeSubDomains bool
Preload bool
// slice shared across requests instead of allocating one per request. The
// value is fixed at construction, so this is safe as long as nothing
// mutates the response header value slice in place. Off by default; see
// header.SetShared.
ShareValueSlice bool
}
HSTS middleware
Example ¶
Configure the policy explicitly, e.g. a shorter max-age while rolling HSTS out across an apex domain and its subdomains.
package main
import (
"time"
"github.com/moonrhythm/parapet"
"github.com/moonrhythm/parapet/pkg/hsts"
)
func main() {
s := parapet.New()
s.Use(&hsts.HSTS{
MaxAge: 90 * 24 * time.Hour,
IncludeSubDomains: true,
})
}
Output:
func Default ¶
func Default() *HSTS
Default returns default hsts
Example ¶
Add a Strict-Transport-Security response header with sensible defaults (max-age of one year, no includeSubDomains, no preload).
package main
import (
"github.com/moonrhythm/parapet"
"github.com/moonrhythm/parapet/pkg/hsts"
)
func main() {
s := parapet.New()
s.Use(hsts.Default())
}
Output:
func Preload ¶
func Preload() *HSTS
Preload returns hsts preload
Example ¶
Use the preload-ready policy: a two-year max-age with includeSubDomains and preload, suitable for submission to the HSTS preload list.
package main
import (
"github.com/moonrhythm/parapet"
"github.com/moonrhythm/parapet/pkg/hsts"
)
func main() {
s := parapet.New()
s.Use(hsts.Preload())
}
Output:
Source Files
Click to show internal directories.
Click to hide internal directories.