MCPcopy
hub / github.com/PatchMon/PatchMon / HSTS

Function HSTS

server-source-code/internal/middleware/hsts.go:15–29  ·  view source on GitHub ↗

HSTS returns middleware that adds Strict-Transport-Security when enabled and request is HTTPS.

(enabled bool)

Source from the content-addressed store, hash-verified

13
14// HSTS returns middleware that adds Strict-Transport-Security when enabled and request is HTTPS.
15func HSTS(enabled bool) func(http.Handler) http.Handler {
16 return func(next http.Handler) http.Handler {
17 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
18 if !enabled {
19 next.ServeHTTP(w, r)
20 return
21 }
22 secure := r.TLS != nil || strings.EqualFold(r.Header.Get("X-Forwarded-Proto"), "https")
23 if secure {
24 w.Header().Set("Strict-Transport-Security", "max-age="+strconv.Itoa(HSTSMaxAgeOneYear)+"; includeSubDomains")
25 }
26 next.ServeHTTP(w, r)
27 })
28 }
29}

Callers

nothing calls this directly

Calls 2

GetMethod · 0.45
SetMethod · 0.45

Tested by

no test coverage detected