commit 1912538c38ed51055161ca0bb5084a940c4bd2b8 · cherry.computer/website

cherry.computer / website

My personal site cherry.computer

htmx tailwind axum askama

fork atom

feat: add HSTS header to responses

I'll bump the max time and get it preloading when I summon the courage.

cherry.computer 2 years ago 1912538c f238a55c

+11 -3

2 changed files

expand all

unified split

server

Cargo.toml

src

main.rs

server/Cargo.toml

··· 15 15 "compression-full", 16 16 "fs", 17 17 "trace", 18 + "set-header" 18 19 ] } 19 20 tracing = "0.1.34" 20 21 tracing-subscriber = "0.3.11"

+10 -3

server/src/main.rs

··· 5 5 use crate::scrobble_monitor::ScrobbleMonitor; 6 6 7 7 use axum::{ 8 - http::StatusCode, 8 + http::{HeaderName, HeaderValue, StatusCode}, 9 9 response::IntoResponse, 10 10 routing::{get, get_service}, 11 11 Extension, Router, 12 12 }; 13 13 use tower::ServiceBuilder; 14 - use tower_http::{compression::CompressionLayer, services::ServeDir, trace::TraceLayer}; 14 + use tower_http::{ 15 + compression::CompressionLayer, services::ServeDir, set_header::SetResponseHeaderLayer, 16 + trace::TraceLayer, 17 + }; 15 18 16 19 #[tokio::main] 17 20 async fn main() -> anyhow::Result<()> { ··· 26 29 ServiceBuilder::new() 27 30 .layer(TraceLayer::new_for_http()) 28 31 .layer(CompressionLayer::new()) 29 - .layer(Extension(monitor)), 32 + .layer(Extension(monitor)) 33 + .layer(SetResponseHeaderLayer::overriding( 34 + HeaderName::from_static("strict-transport-security"), 35 + HeaderValue::from_static("max-age=300; includeSubDomains"), 36 + )), 30 37 ); 31 38 32 39 let addr = SocketAddr::from(([0, 0, 0, 0], 8080));