3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-03 00:40:25 +02:00
Code Issues Projects Releases Packages Wiki Activity

cmd/pomerium: redirect http and add hsts headers (#92)

Browse source
This commit is contained in:
Bobby DeSimone 2019-04-24 13:29:11 -07:00 committed by GitHub
parent fbe1cae482
commit 857b9e5773
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 24 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

8
proxy/handlers.go
View file

@ -24,9 +24,10 @@ var (
)
var securityHeaders = map[string]string{
"X-Content-Type-Options": "nosniff",
"X-Frame-Options": "SAMEORIGIN",
"X-XSS-Protection": "1; mode=block",
"X-Content-Type-Options": "nosniff",
"X-Frame-Options": "SAMEORIGIN",
"X-XSS-Protection": "1; mode=block",
"Strict-Transport-Security": "max-age=31536000; includeSubDomains; preload", // 1 year
}
// StateParameter holds the redirect id along with the session id.
@ -62,7 +63,6 @@ func (p *Proxy) Handler() http.Handler {
Msg("proxy: request")
}))
c = c.Append(middleware.SetHeaders(securityHeaders))
c = c.Append(middleware.RequireHTTPS)
c = c.Append(middleware.ForwardedAddrHandler("fwd_ip"))
c = c.Append(middleware.RemoteAddrHandler("ip"))
c = c.Append(middleware.UserAgentHandler("user_agent"))