diff options
| author |  Frédéric Guillot <fred@miniflux.net> | 2018-02-03 15:54:02 -0800 |
|---|---|---|
| committer | Frédéric Guillot <fred@miniflux.net> | 2018-02-03 15:54:02 -0800 |
| commit | 61bc012a6284f90001b2339ecfdfb5b96e38be10 (patch) | |
| tree | e67e860a6f87137bc233181d22781f0a117cfcf1 /config | |
| parent | 9c4299720900fce52daedfce2314d31e92f7fe1d (diff) | |
Add support for HTTP Strict Transport Security header
Diffstat (limited to 'config')
| -rw-r--r-- | config/config.go | 5 | ||||
| -rw-r--r-- | config/config_test.go | 19 |
2 files changed, 24 insertions, 0 deletions
diff --git a/config/config.go b/config/config.go index 05b5d3b..9bd673e 100644 --- a/config/config.go +++ b/config/config.go @@ -167,6 +167,11 @@ func (c *Config) OAuth2Provider() string { return c.get("OAUTH2_PROVIDER", "") } +// HasHSTS returns true if HTTP Strict Transport Security is enabled. +func (c *Config) HasHSTS() bool { + return c.get("DISABLE_HSTS", "") == "" +} + // NewConfig returns a new Config. func NewConfig() *Config { return &Config{IsHTTPS: os.Getenv("HTTPS") != ""} diff --git a/config/config_test.go b/config/config_test.go index fbc7175..2cfec81 100644 --- a/config/config_test.go +++ b/config/config_test.go @@ -80,3 +80,22 @@ func TestDefaultBaseURL(t *testing.T) { t.Fatalf(`Unexpected base path, got "%s"`, cfg.BasePath()) } } + +func TestHSTSOn(t *testing.T) { + os.Clearenv() + cfg := NewConfig() + + if !cfg.HasHSTS() { + t.Fatalf(`Unexpected HSTS value, got "%v"`, cfg.HasHSTS()) + } +} + +func TestHSTSOff(t *testing.T) { + os.Clearenv() + os.Setenv("DISABLE_HSTS", "1") + cfg := NewConfig() + + if cfg.HasHSTS() { + t.Fatalf(`Unexpected HSTS value, got "%v"`, cfg.HasHSTS()) + } +} |