Always include includeSubDomains for HSTS. - kore - Kore is a web application platform for writing scalable, concurrent web based processes in C or Python.

commit 91c44af6f0241428f0cabfadb380787960758a7d
parent 1507f88ec79284d9adf917e1c9ae9de5ca0c493f
Author: Joris Vink <joris@coders.se>
Date:   Tue, 10 Feb 2015 17:14:07 +0100

Always include includeSubDomains for HSTS.

Diffstat:
src/http.c  | 5 +++--

1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/http.c b/src/http.c
@@ -1166,7 +1166,7 @@ http_response_spdy(struct http_request *req, struct connection *c,
 
 	if (http_hsts_enable) {
 		(void)snprintf(sbuf, sizeof(sbuf),
-		    "max-age=%" PRIu64, http_hsts_enable);
+		    "max-age=%" PRIu64 "; includeSubDomains", http_hsts_enable);
 		spdy_header_block_add(hblock,
 		    ":strict-transport-security", sbuf);
 	}
@@ -1237,7 +1237,8 @@ http_response_normal(struct http_request *req, struct connection *c,
 
 	if (http_hsts_enable) {
 		kore_buf_appendf(header_buf, "strict-transport-security: ");
-		kore_buf_appendf(header_buf, "max-age=%" PRIu64 "\r\n",
+		kore_buf_appendf(header_buf,
+		    "max-age=%" PRIu64 "; includeSubDomains\r\n",
 		    http_hsts_enable);
 	}

	kore Kore is a web application platform for writing scalable, concurrent web based processes in C or Python.
	Commits \| Files \| Refs \| README \| LICENSE \| git clone https://git.kore.io/kore.git