csp plug: add sts support
authorWilliam Pitcock <nenolod@dereferenced.org>
Sun, 11 Nov 2018 06:50:28 +0000 (06:50 +0000)
committerWilliam Pitcock <nenolod@dereferenced.org>
Sun, 11 Nov 2018 06:50:28 +0000 (06:50 +0000)
lib/pleroma/plugs/csp_plug.ex

index 15d466c36479583a24f4def2db1e21e55715dc5a..56f2376eefe1c304110dd09a671b6f37bf494370 100644 (file)
@@ -1,10 +1,17 @@
 defmodule Pleroma.Plugs.CSPPlug do
+  alias Pleroma.Config
   import Plug.Conn
 
   def init(opts), do: opts
 
   def call(conn, options) do
-    conn = merge_resp_headers(conn, headers())
+    if Config.get([:csp, :enabled]) do
+      conn =
+        merge_resp_headers(conn, headers())
+        |> maybe_send_sts_header(Config.get([:csp, :sts]))
+    else
+      conn
+    end
   end
 
   defp headers do
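Review bot: The new `if Config.get([:csp, :enabled])` in `call/2` fails open: if the key is missing from the running configuration the lookup presumably yields nil, and the plug then stops sending every header built by `headers()`, not only the new STS one. The defaults are not visible in this hunk, so either confirm the shipped config sets `:enabled` to true or treat only an explicit false as off, e.g. `if Config.get([:csp, :enabled]) != false do`. Separately, the `conn =` binding inside the branch is never read (the `if` returns the value of the match), which triggers an unused-variable warning. Dropping it and starting the pipe from the bare value reads cleaner: `conn |> merge_resp_headers(headers()) |> maybe_send_sts_header(Config.get([:csp, :sts]))`.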
@@ -35,4 +42,14 @@ defmodule Pleroma.Plugs.CSPPlug do
     ]
     |> Enum.join("; ")
   end
+
+  defp maybe_send_sts_header(conn, true) do
+    max_age = Config.get([:csp, :sts_max_age])
+
+    merge_resp_headers(conn, [
+      {"strict-transport-security", "max-age=#{max_age}; includeSubDomains"}
+    ])
+  end
+
+  defp maybe_send_sts_header(conn, _), do: conn
 end
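Review bot: `max_age` is interpolated into the header value unchecked, so when `[:csp, :sts_max_age]` is unset the nil becomes an empty string and the response carries `max-age=; includeSubDomains`. A browser would be expected to discard that as malformed, leaving HSTS silently off while the operator believes it is on. Guard the value before merging, e.g. a `case` on the config lookup with `max_age when is_integer(max_age) and max_age >= 0 ->`, and return `conn` unchanged otherwise, ideally with a logged warning. Because `includeSubDomains` is hard-coded, a comment such as `# policy covers every subdomain of the instance host for max_age seconds; enable only if all of them serve HTTPS` would help operators. Note also that only a literal `true` matches the first clause, so any other truthy setting for `:sts` falls through to the no-op clause.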