BlackSheep icon indicating copy to clipboard operation
BlackSheep copied to clipboard

Published 20 hours ago verified publisher icon Neoteroi

Add HSTS middleware to the framework

Open RobertoPrevato opened this issue 2 years ago • 0 comments

🚀 Feature Request Add and HSTS middleware to the library, like:

from blacksheep.messages import Request, Response


def _get_hsts_value(max_age: int, include_subdomains: bool) -> bytes:
    value = f"max-age={max_age};"

    if include_subdomains:
        value = value + " includeSubDomains;"

    return value.encode()


class HSTSMiddleware:
    """
    Middleware configuring "Strict-Transport-Security" header on responses.
    By default, it uses "max-age=31536000; includeSubDomains;".
    """

    def __init__(
        self,
        max_age: int = 31536000,
        include_subdomains: bool = True,
    ) -> None:
        self._max_age = max_age
        self._include_subdomains = include_subdomains
        self._value = _get_hsts_value(max_age, include_subdomains)

    async def __call__(self, request: Request, handler):
        response: Response = await handler(request)
        response.headers.add(b"Strict-Transport-Security", self._value)
        return response

RobertoPrevato avatar Mar 25 '22 18:03 RobertoPrevato