summaryrefslogtreecommitdiff
path: root/deps/rabbitmq_management/src/rabbit_mgmt_hsts.erl
diff options
context:
space:
mode:
Diffstat (limited to 'deps/rabbitmq_management/src/rabbit_mgmt_hsts.erl')
-rw-r--r--deps/rabbitmq_management/src/rabbit_mgmt_hsts.erl28
1 files changed, 28 insertions, 0 deletions
diff --git a/deps/rabbitmq_management/src/rabbit_mgmt_hsts.erl b/deps/rabbitmq_management/src/rabbit_mgmt_hsts.erl
new file mode 100644
index 0000000000..004f3d4e7e
--- /dev/null
+++ b/deps/rabbitmq_management/src/rabbit_mgmt_hsts.erl
@@ -0,0 +1,28 @@
+%% This Source Code Form is subject to the terms of the Mozilla Public
+%% License, v. 2.0. If a copy of the MPL was not distributed with this
+%% file, You can obtain one at https://mozilla.org/MPL/2.0/.
+%%
+%% Copyright (c) 2007-2020 VMware, Inc. or its affiliates. All rights reserved.
+%%
+
+%% Sets HSTS header(s) on the response if configured,
+%% see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security.
+
+-module(rabbit_mgmt_hsts).
+
+-export([set_headers/1]).
+
+-define(HSTS_HEADER, <<"strict-transport-security">>).
+
+%%
+%% API
+%%
+
+set_headers(ReqData) ->
+ case application:get_env(rabbitmq_management, strict_transport_security) of
+ undefined -> ReqData;
+ {ok, Value} ->
+ cowboy_req:set_resp_header(?HSTS_HEADER,
+ rabbit_data_coercion:to_binary(Value),
+ ReqData)
+ end.
View Lorry Controller Status