prosody-modules
502963b86fbc
mod_strict_https/mod_strict_https.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

Annotate

mod_strict_https/mod_strict_https.lua @ 6297:502963b86fbc

:multble modules: fix tab-> space diff --git a/mod_admin_blocklist/README.md b/mod_admin_blocklist/README.md --- a/mod_admin_blocklist/README.md +++ b/mod_admin_blocklist/README.md @@ -24,9 +24,9 @@ admin_blocklist_roles = { "prosody:opera # Compatibility Prosody-Version Status - -------------- ------ - trunk* Works - 13 Works - 0.12 Works + ------------ ------ + trunk* Works + 13 Works + 0.12 Works *as of 2025-06-13 diff --git a/mod_csi_grace_period/README.md b/mod_csi_grace_period/README.md --- a/mod_csi_grace_period/README.md +++ b/mod_csi_grace_period/README.md @@ -16,9 +16,9 @@ pocket is not the best use of radio time Works with [mod_csi_simple][doc:modules:mod_csi_simple] which is included with Prosody. - ------- ------- - trunk* Works - 13 Works - 0.12 Works + ------- ------- + trunk* Works + 13 Works + 0.12 Works *as of 2025-06-13 diff --git a/mod_http_upload_external/README.md b/mod_http_upload_external/README.md --- a/mod_http_upload_external/README.md +++ b/mod_http_upload_external/README.md @@ -87,10 +87,10 @@ Compatibility ============= Prosody-Version Status - ---------------- -------------------- - trunk Works as of 25-06-13 - 13 Works - 0.12 Works + ---------------- -------------------- + trunk Works as of 25-06-13 + 13 Works + 0.12 Works Implementation ============== diff --git a/mod_muc_moderation/README.md b/mod_muc_moderation/README.md --- a/mod_muc_moderation/README.md +++ b/mod_muc_moderation/README.md @@ -27,11 +27,10 @@ modules_enabled = { # Compatibility - ------- --------------- - trunk Works^[as of 2025-06-13] - 13 Works - 0.12 Works - ------- --------------- + ------- --------------- + trunk Works^[as of 2025-06-13] + 13 Works + 0.12 Works ## XEP version diff --git a/mod_s2s_idle_timeout/README.md b/mod_s2s_idle_timeout/README.md --- a/mod_s2s_idle_timeout/README.md +++ b/mod_s2s_idle_timeout/README.md @@ -25,10 +25,9 @@ Compatibility ============= Prosody Version Status - ----------------- ----------- - trunk[^1] Works - 13 Works - 0.12 Works - ----------------- ----------- + ----------------- ----------- + trunk[^1] Works + 13 Works + 0.12 Works [^1]: as of 2025-06-13 diff --git a/mod_s2s_keepalive/README.md b/mod_s2s_keepalive/README.md --- a/mod_s2s_keepalive/README.md +++ b/mod_s2s_keepalive/README.md @@ -34,10 +34,9 @@ Compatibility ============= Prosody Version Status - ----------------- ----------- - trunk[^1] Works - 13 Works - 0.12 Works - ----------------- ----------- + ----------------- ----------- + trunk[^1] Works + 13 Works + 0.12 Works [^1]: as of 2025-06-13
author Menel <menel@snikket.de>
date Fri, 13 Jun 2025 09:58:51 +0200
parent 5415:f8797e3284ff
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
861
1b34c8e46ffb mod_strict_https: New module implementing HTTP Strict Transport Security
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 -- HTTP Strict Transport Security
5411
b3158647cb36 mod_strict_https: Update to use modern APIs instead of monkey patching
Kim Alvefur <zash@zash.se>
parents: 863
diff changeset
2 -- https://www.rfc-editor.org/info/rfc6797
861
1b34c8e46ffb mod_strict_https: New module implementing HTTP Strict Transport Security
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3
1b34c8e46ffb mod_strict_https: New module implementing HTTP Strict Transport Security
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 module:set_global();
1b34c8e46ffb mod_strict_https: New module implementing HTTP Strict Transport Security
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5
1b34c8e46ffb mod_strict_https: New module implementing HTTP Strict Transport Security
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 local http_server = require "net.http.server";
1b34c8e46ffb mod_strict_https: New module implementing HTTP Strict Transport Security
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7
863
efa9c1676d1f mod_strict_https: Correct underscore to hypen in max-age directive
Kim Alvefur <zash@zash.se>
parents: 861
diff changeset
8 local hsts_header = module:get_option_string("hsts_header", "max-age=31556952"); -- This means "Don't even try to access without HTTPS for a year"
5415
f8797e3284ff mod_strict_https: Add way to disable redirect
Kim Alvefur <zash@zash.se>
parents: 5411
diff changeset
9 local redirect = module:get_option_boolean("hsts_redirect", true);
861
1b34c8e46ffb mod_strict_https: New module implementing HTTP Strict Transport Security
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10
5411
b3158647cb36 mod_strict_https: Update to use modern APIs instead of monkey patching
Kim Alvefur <zash@zash.se>
parents: 863
diff changeset
11 module:wrap_object_event(http_server._events, false, function(handlers, event_name, event_data)
b3158647cb36 mod_strict_https: Update to use modern APIs instead of monkey patching
Kim Alvefur <zash@zash.se>
parents: 863
diff changeset
12 local request, response = event_data.request, event_data.response;
b3158647cb36 mod_strict_https: Update to use modern APIs instead of monkey patching
Kim Alvefur <zash@zash.se>
parents: 863
diff changeset
13 if request and response then
b3158647cb36 mod_strict_https: Update to use modern APIs instead of monkey patching
Kim Alvefur <zash@zash.se>
parents: 863
diff changeset
14 if request.secure then
b3158647cb36 mod_strict_https: Update to use modern APIs instead of monkey patching
Kim Alvefur <zash@zash.se>
parents: 863
diff changeset
15 response.headers.strict_transport_security = hsts_header;
5415
f8797e3284ff mod_strict_https: Add way to disable redirect
Kim Alvefur <zash@zash.se>
parents: 5411
diff changeset
16 elseif redirect then
5411
b3158647cb36 mod_strict_https: Update to use modern APIs instead of monkey patching
Kim Alvefur <zash@zash.se>
parents: 863
diff changeset
17 -- This won't get the port number right
b3158647cb36 mod_strict_https: Update to use modern APIs instead of monkey patching
Kim Alvefur <zash@zash.se>
parents: 863
diff changeset
18 response.headers.location = "https://" .. request.host .. request.path .. (request.query and "?" .. request.query or "");
861
1b34c8e46ffb mod_strict_https: New module implementing HTTP Strict Transport Security
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 return 301;
1b34c8e46ffb mod_strict_https: New module implementing HTTP Strict Transport Security
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 end
1b34c8e46ffb mod_strict_https: New module implementing HTTP Strict Transport Security
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21 end
5411
b3158647cb36 mod_strict_https: Update to use modern APIs instead of monkey patching
Kim Alvefur <zash@zash.se>
parents: 863
diff changeset
22 return handlers(event_name, event_data);
b3158647cb36 mod_strict_https: Update to use modern APIs instead of monkey patching
Kim Alvefur <zash@zash.se>
parents: 863
diff changeset
23 end);