Inicio Explorar Ayuda
Iniciar sesión
Lawsun
/
ysjj-system
1
0
Fork 0
Archivos Incidencias 0 Pull Requests 0 Wiki
Árbol: d230cfbce0
Ramas Etiquetas
ysjj-system
/
node_modules
/
egg-security
/
lib
/
middlewares
/
hsts.js

hsts.js 581 B
Histórico Raw

123456789101112131415161718192021 
  1. 'use strict';
    2. 

  2. 

  3. const utils = require('../utils');
    4. 

  4. 

  5. // Set Strict-Transport-Security header
    6. 

  6. module.exports = options => {
    7. 

  7.   return async function hsts(ctx, next) {
    8. 

  8.     await next();
    9. 

  9. 

  10.     const opts = utils.merge(options, ctx.securityOptions.hsts);
    11. 

  11.     if (utils.checkIfIgnore(opts, ctx)) return;
    12. 

  12. 

  13.     let val = 'max-age=' + opts.maxAge;
    14. 

  14.     // If opts.includeSubdomains is defined,
    15. 

  15.     // the rule is also valid for all the sub domains of the website
    16. 

  16.     if (opts.includeSubdomains) {
    17. 

  17.       val += '; includeSubdomains';
    18. 

  18.     }
    19. 

  19.     ctx.set('strict-transport-security', val);
    20. 

  20.   };
    21. 

  21. };
    22.