Mercurial > prosody-modules
view mod_strict_https/mod_strict_https.lua @ 6092:bd3ff802d883
mod_anti_spam: Fix another traceback for origin sessions without an IP
This is likely to be the case for stanzas originating from local hosts, for
example (so not true s2s). It should be safe to bypass the IP check for those.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 28 Dec 2024 21:02:08 +0000 |
| parents | f8797e3284ff |
| children |
line wrap: on
line source
-- HTTP Strict Transport Security -- https://www.rfc-editor.org/info/rfc6797 module:set_global(); local http_server = require "net.http.server"; local hsts_header = module:get_option_string("hsts_header", "max-age=31556952"); -- This means "Don't even try to access without HTTPS for a year" local redirect = module:get_option_boolean("hsts_redirect", true); module:wrap_object_event(http_server._events, false, function(handlers, event_name, event_data) local request, response = event_data.request, event_data.response; if request and response then if request.secure then response.headers.strict_transport_security = hsts_header; elseif redirect then -- This won't get the port number right response.headers.location = "https://" .. request.host .. request.path .. (request.query and "?" .. request.query or ""); return 301; end end return handlers(event_name, event_data); end);
