prosody-modules
750d64c47ec6
mod_strict_https/README.md

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

Diff

mod_strict_https/README.md @ 6211:750d64c47ec6 draft default tip

Merge
author Trần H. Trung <xmpp:trần.h.trung@trung.fun>
date Tue, 18 Mar 2025 00:31:36 +0700
parent 6003:fe081789f7b5
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mod_strict_https/README.md	Tue Mar 18 00:31:36 2025 +0700
@@ -0,0 +1,37 @@
+---
+summary: HTTP Strict Transport Security
+---
+
+# Introduction
+
+This module implements [RFC 6797: HTTP Strict Transport Security] and
+responds to all non-HTTPS requests with a `301 Moved Permanently`
+redirect to the HTTPS equivalent of the path.
+
+# Configuration
+
+Add the module to the `modules_enabled` list and optionally configure
+the specific header sent.
+
+``` lua
+modules_enabled = {
+  ...
+      "strict_https";
+}
+hsts_header = "max-age=31556952"
+```
+
+If the redirect from `http://` to `https://` causes trouble with
+internal use of HTTP APIs it can be disabled:
+
+``` lua
+hsts_redirect = false
+```
+
+# Compatibility
+
+  ------- -------------
+  trunk   Should work
+  0.12    Should work
+  0.11    Should work
+  ------- -------------