Add HSTS command line flag
This commit is contained in:
parent
966e0ce921
commit
4c66e75f6b
@ -3,7 +3,7 @@ name = "libreddit"
|
||||
description = " Alternative private front-end to Reddit"
|
||||
license = "AGPL-3.0"
|
||||
repository = "https://github.com/spikecodes/libreddit"
|
||||
version = "0.5.5"
|
||||
version = "0.6.0"
|
||||
authors = ["spikecodes <19519553+spikecodes@users.noreply.github.com>"]
|
||||
edition = "2018"
|
||||
|
||||
|
22
src/main.rs
22
src/main.rs
@ -73,12 +73,9 @@ async fn resource(body: &str, content_type: &str, cache: bool) -> Result<Respons
|
||||
.unwrap_or_default();
|
||||
|
||||
if cache {
|
||||
match HeaderValue::from_str("public, max-age=1209600, s-maxage=86400") {
|
||||
Ok(val) => {
|
||||
if let Ok(val) = HeaderValue::from_str("public, max-age=1209600, s-maxage=86400") {
|
||||
res.headers_mut().insert("Cache-Control", val);
|
||||
}
|
||||
Err(_) => (),
|
||||
}
|
||||
}
|
||||
|
||||
Ok(res)
|
||||
@ -114,11 +111,20 @@ async fn main() {
|
||||
.help("Redirect all HTTP requests to HTTPS (no longer functional)")
|
||||
.takes_value(false),
|
||||
)
|
||||
.arg(
|
||||
Arg::with_name("hsts")
|
||||
.short("H")
|
||||
.long("hsts")
|
||||
.value_name("EXPIRE_TIME")
|
||||
.help("HSTS header to tell browsers that this site should only be accessed over HTTPS")
|
||||
.default_value("604800")
|
||||
.takes_value(true),
|
||||
)
|
||||
.get_matches();
|
||||
|
||||
let address = matches.value_of("address").unwrap_or("0.0.0.0");
|
||||
let port = matches.value_of("port").unwrap_or("8080");
|
||||
let _force_https = matches.is_present("redirect-https");
|
||||
let hsts = matches.value_of("hsts");
|
||||
|
||||
let listener = format!("{}:{}", address, port);
|
||||
|
||||
@ -135,6 +141,12 @@ async fn main() {
|
||||
"Content-Security-Policy" => "default-src 'none'; manifest-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'none'; img-src 'self' data:; form-action 'self'; frame-ancestors 'none';"
|
||||
};
|
||||
|
||||
if let Some(expire_time) = hsts {
|
||||
if let Ok(val) = HeaderValue::from_str(&format!("max-age={}", expire_time)) {
|
||||
app.default_headers.insert("Strict-Transport-Security", val);
|
||||
}
|
||||
}
|
||||
|
||||
// Read static files
|
||||
app.at("/style.css").get(|_| resource(include_str!("../static/style.css"), "text/css", false).boxed());
|
||||
app
|
||||
|
@ -28,9 +28,8 @@ macro_rules! headers(
|
||||
{
|
||||
let mut m = hyper::HeaderMap::new();
|
||||
$(
|
||||
match hyper::header::HeaderValue::from_str($value) {
|
||||
Ok(val) => { m.insert($key, val); }
|
||||
Err(_) => ()
|
||||
if let Ok(val) = hyper::header::HeaderValue::from_str($value) {
|
||||
m.insert($key, val);
|
||||
}
|
||||
)+
|
||||
m
|
||||
@ -96,24 +95,18 @@ impl ResponseExt for Response<Body> {
|
||||
}
|
||||
|
||||
fn insert_cookie(&mut self, cookie: Cookie) {
|
||||
match HeaderValue::from_str(&cookie.to_string()) {
|
||||
Ok(val) => {
|
||||
if let Ok(val) = HeaderValue::from_str(&cookie.to_string()) {
|
||||
self.headers_mut().append("Set-Cookie", val);
|
||||
}
|
||||
Err(_) => (),
|
||||
}
|
||||
}
|
||||
|
||||
fn remove_cookie(&mut self, name: String) {
|
||||
let mut cookie = Cookie::named(name);
|
||||
cookie.set_path("/");
|
||||
cookie.set_max_age(Duration::second());
|
||||
match HeaderValue::from_str(&cookie.to_string()) {
|
||||
Ok(val) => {
|
||||
if let Ok(val) = HeaderValue::from_str(&cookie.to_string()) {
|
||||
self.headers_mut().append("Set-Cookie", val);
|
||||
}
|
||||
Err(_) => (),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user