Add HSTS command line flag

Cargo.toml

@@ -3,7 +3,7 @@ name = "libreddit"
 description = " Alternative private front-end to Reddit"
 license = "AGPL-3.0"
 repository = "https://github.com/spikecodes/libreddit"
-version = "0.5.5"
+version = "0.6.0"
 authors = ["spikecodes <19519553+spikecodes@users.noreply.github.com>"]
 edition = "2018"
 

src/main.rs

@@ -73,11 +73,8 @@ async fn resource(body: &str, content_type: &str, cache: bool) -> Result<Respons
 		.unwrap_or_default();
 
 	if cache {
-		match HeaderValue::from_str("public, max-age=1209600, s-maxage=86400") {
-			Ok(val) => {
-				res.headers_mut().insert("Cache-Control", val);
-			}
-			Err(_) => (),
+		if let Ok(val) = HeaderValue::from_str("public, max-age=1209600, s-maxage=86400") {
+			res.headers_mut().insert("Cache-Control", val);
 		}
 	}
 
@@ -114,11 +111,20 @@ async fn main() {
 				.help("Redirect all HTTP requests to HTTPS (no longer functional)")
 				.takes_value(false),
 		)
+		.arg(
+			Arg::with_name("hsts")
+				.short("H")
+				.long("hsts")
+				.value_name("EXPIRE_TIME")
+				.help("HSTS header to tell browsers that this site should only be accessed over HTTPS")
+				.default_value("604800")
+				.takes_value(true),
+		)
 		.get_matches();
 
 	let address = matches.value_of("address").unwrap_or("0.0.0.0");
 	let port = matches.value_of("port").unwrap_or("8080");
-	let _force_https = matches.is_present("redirect-https");
+	let hsts = matches.value_of("hsts");
 
 	let listener = format!("{}:{}", address, port);
 
@@ -135,6 +141,12 @@ async fn main() {
 		"Content-Security-Policy" => "default-src 'none'; manifest-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'none'; img-src 'self' data:; form-action 'self'; frame-ancestors 'none';"
 	};
 
+	if let Some(expire_time) = hsts {
+		if let Ok(val) = HeaderValue::from_str(&format!("max-age={}", expire_time)) {
+			app.default_headers.insert("Strict-Transport-Security", val);
+		}
+	}
+
 	// Read static files
 	app.at("/style.css").get(|_| resource(include_str!("../static/style.css"), "text/css", false).boxed());
 	app

src/server.rs

@@ -28,9 +28,8 @@ macro_rules! headers(
 		{
 			let mut m = hyper::HeaderMap::new();
 			$(
-				match hyper::header::HeaderValue::from_str($value) {
-					Ok(val) => { m.insert($key, val); }
-					Err(_) => ()
+				if let Ok(val) = hyper::header::HeaderValue::from_str($value) {
+					m.insert($key, val);
 				}
 			)+
 			m
@@ -96,11 +95,8 @@ impl ResponseExt for Response<Body> {
 	}
 
 	fn insert_cookie(&mut self, cookie: Cookie) {
-		match HeaderValue::from_str(&cookie.to_string()) {
-			Ok(val) => {
-				self.headers_mut().append("Set-Cookie", val);
-			}
-			Err(_) => (),
+		if let Ok(val) = HeaderValue::from_str(&cookie.to_string()) {
+			self.headers_mut().append("Set-Cookie", val);
 		}
 	}
 
@@ -108,11 +104,8 @@ impl ResponseExt for Response<Body> {
 		let mut cookie = Cookie::named(name);
 		cookie.set_path("/");
 		cookie.set_max_age(Duration::second());
-		match HeaderValue::from_str(&cookie.to_string()) {
-			Ok(val) => {
-				self.headers_mut().append("Set-Cookie", val);
-			}
-			Err(_) => (),
+		if let Ok(val) = HeaderValue::from_str(&cookie.to_string()) {
+			self.headers_mut().append("Set-Cookie", val);
 		}
 	}
 }