prosody-modules
0eb2d5ea2428
mod_strict_https/README.markdown

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

Comparison

mod_strict_https/README.markdown @ 5673:0eb2d5ea2428

merge
author Stephen Paul Weber <singpolyma@singpolyma.net>
date Sat, 06 May 2023 19:40:23 -0500
parent 5415:f8797e3284ff
comparison
equal deleted inserted replaced
5672:2c69577b28c2 5673:0eb2d5ea2428
1 --- 1 ---
2 labels:
3 summary: HTTP Strict Transport Security 2 summary: HTTP Strict Transport Security
4 ... 3 ---
5 4
6 Introduction 5 # Introduction
7 ============
8 6
9 This module implements [HTTP Strict Transport 7 This module implements [RFC 6797: HTTP Strict Transport Security] and
10 Security](https://tools.ietf.org/html/rfc6797) and responds to all 8 responds to all non-HTTPS requests with a `301 Moved Permanently`
11 non-HTTPS requests with a `301 Moved Permanently` redirect to the HTTPS 9 redirect to the HTTPS equivalent of the path.
12 equivalent of the path.
13 10
14 Configuration 11 # Configuration
15 =============
16 12
17 Add the module to the `modules_enabled` list and optionally configure 13 Add the module to the `modules_enabled` list and optionally configure
18 the specific header sent. 14 the specific header sent.
19 15
20 modules_enabled = { 16 ``` lua
21 ... 17 modules_enabled = {
22 "strict_https"; 18 ...
23 } 19 "strict_https";
24 hsts_header = "max-age=31556952" 20 }
21 hsts_header = "max-age=31556952"
22 ```
25 23
26 Compatibility 24 If the redirect from `http://` to `https://` causes trouble with
27 ============= 25 internal use of HTTP APIs it can be disabled:
28 26
29 ------- -------------- 27 ``` lua
30 trunk Works 28 hsts_redirect = false
31 0.9 Works 29 ```
32 0.8 Doesn't work 30
33 ------- -------------- 31 # Compatibility
32
33 ------- -------------
34 trunk Should work
35 0.12 Should work
36 0.11 Should work
37 ------- -------------