prosody-modules
c0cb43817b7c
mod_strict_https/README.md

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_strict_https/README.md @ 6113:c0cb43817b7c

mod_compliance_latest: using module:log_status diff --git a/mod_compliance_latest/mod_compliance_latest.lua b/mod_compliance_latest/mod_compliance_latest.lua --- a/mod_compliance_latest/mod_compliance_latest.lua +++ b/mod_compliance_latest/mod_compliance_latest.lua @@ -1,6 +1,6 @@ local success, err = pcall(function() module:depends("compliance_2023") end) if not success then - module:log("error", "Error, can't load module: mod_compliance_2023. Is this module downloaded in a folder readable by prosody?") - return 1, "Error: Couldn't load dependency mod_compliance_2023." +module:log_status( "error", "Error, can't load module: mod_compliance_2023. Is this module downloaded into a folder readable by prosody?" ) +return false end
author Menel <menel@snikket.de>
date Mon, 23 Dec 2024 14:09:56 +0100
parent 6003:fe081789f7b5
line wrap: on
line source

---
summary: HTTP Strict Transport Security
---

# Introduction

This module implements [RFC 6797: HTTP Strict Transport Security] and
responds to all non-HTTPS requests with a `301 Moved Permanently`
redirect to the HTTPS equivalent of the path.

# Configuration

Add the module to the `modules_enabled` list and optionally configure
the specific header sent.

``` lua
modules_enabled = {
  ...
      "strict_https";
}
hsts_header = "max-age=31556952"
```

If the redirect from `http://` to `https://` causes trouble with
internal use of HTTP APIs it can be disabled:

``` lua
hsts_redirect = false
```

# Compatibility

  ------- -------------
  trunk   Should work
  0.12    Should work
  0.11    Should work
  ------- -------------