Add HSTS command line flag

This commit is contained in:
spikecodes 2021-03-20 22:10:31 -07:00
parent 966e0ce921
commit 4c66e75f6b
No known key found for this signature in database
GPG Key ID: 004CECFF9B463BCB
3 changed files with 25 additions and 20 deletions

View File

@ -3,7 +3,7 @@ name = "libreddit"
description = " Alternative private front-end to Reddit" description = " Alternative private front-end to Reddit"
license = "AGPL-3.0" license = "AGPL-3.0"
repository = "https://github.com/spikecodes/libreddit" repository = "https://github.com/spikecodes/libreddit"
version = "0.5.5" version = "0.6.0"
authors = ["spikecodes <19519553+spikecodes@users.noreply.github.com>"] authors = ["spikecodes <19519553+spikecodes@users.noreply.github.com>"]
edition = "2018" edition = "2018"

View File

@ -73,12 +73,9 @@ async fn resource(body: &str, content_type: &str, cache: bool) -> Result<Respons
.unwrap_or_default(); .unwrap_or_default();
if cache { if cache {
match HeaderValue::from_str("public, max-age=1209600, s-maxage=86400") { if let Ok(val) = HeaderValue::from_str("public, max-age=1209600, s-maxage=86400") {
Ok(val) => {
res.headers_mut().insert("Cache-Control", val); res.headers_mut().insert("Cache-Control", val);
} }
Err(_) => (),
}
} }
Ok(res) Ok(res)
@ -114,11 +111,20 @@ async fn main() {
.help("Redirect all HTTP requests to HTTPS (no longer functional)") .help("Redirect all HTTP requests to HTTPS (no longer functional)")
.takes_value(false), .takes_value(false),
) )
.arg(
Arg::with_name("hsts")
.short("H")
.long("hsts")
.value_name("EXPIRE_TIME")
.help("HSTS header to tell browsers that this site should only be accessed over HTTPS")
.default_value("604800")
.takes_value(true),
)
.get_matches(); .get_matches();
let address = matches.value_of("address").unwrap_or("0.0.0.0"); let address = matches.value_of("address").unwrap_or("0.0.0.0");
let port = matches.value_of("port").unwrap_or("8080"); let port = matches.value_of("port").unwrap_or("8080");
let _force_https = matches.is_present("redirect-https"); let hsts = matches.value_of("hsts");
let listener = format!("{}:{}", address, port); let listener = format!("{}:{}", address, port);
@ -135,6 +141,12 @@ async fn main() {
"Content-Security-Policy" => "default-src 'none'; manifest-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'none'; img-src 'self' data:; form-action 'self'; frame-ancestors 'none';" "Content-Security-Policy" => "default-src 'none'; manifest-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'none'; img-src 'self' data:; form-action 'self'; frame-ancestors 'none';"
}; };
if let Some(expire_time) = hsts {
if let Ok(val) = HeaderValue::from_str(&format!("max-age={}", expire_time)) {
app.default_headers.insert("Strict-Transport-Security", val);
}
}
// Read static files // Read static files
app.at("/style.css").get(|_| resource(include_str!("../static/style.css"), "text/css", false).boxed()); app.at("/style.css").get(|_| resource(include_str!("../static/style.css"), "text/css", false).boxed());
app app

View File

@ -28,9 +28,8 @@ macro_rules! headers(
{ {
let mut m = hyper::HeaderMap::new(); let mut m = hyper::HeaderMap::new();
$( $(
match hyper::header::HeaderValue::from_str($value) { if let Ok(val) = hyper::header::HeaderValue::from_str($value) {
Ok(val) => { m.insert($key, val); } m.insert($key, val);
Err(_) => ()
} }
)+ )+
m m
@ -96,24 +95,18 @@ impl ResponseExt for Response<Body> {
} }
fn insert_cookie(&mut self, cookie: Cookie) { fn insert_cookie(&mut self, cookie: Cookie) {
match HeaderValue::from_str(&cookie.to_string()) { if let Ok(val) = HeaderValue::from_str(&cookie.to_string()) {
Ok(val) => {
self.headers_mut().append("Set-Cookie", val); self.headers_mut().append("Set-Cookie", val);
} }
Err(_) => (),
}
} }
fn remove_cookie(&mut self, name: String) { fn remove_cookie(&mut self, name: String) {
let mut cookie = Cookie::named(name); let mut cookie = Cookie::named(name);
cookie.set_path("/"); cookie.set_path("/");
cookie.set_max_age(Duration::second()); cookie.set_max_age(Duration::second());
match HeaderValue::from_str(&cookie.to_string()) { if let Ok(val) = HeaderValue::from_str(&cookie.to_string()) {
Ok(val) => {
self.headers_mut().append("Set-Cookie", val); self.headers_mut().append("Set-Cookie", val);
} }
Err(_) => (),
}
} }
} }