macchiato.middleware.ssl
Middleware for managing handlers operating over HTTPS.
forwarded-scheme-request
(forwarded-scheme-request request)
(forwarded-scheme-request request header)
Change the :scheme of the request to the value present in a request header.
See: wrap-forwarded-scheme.
hsts-response
(hsts-response response)
(hsts-response response options)
Add the Strict-Transport-Security header to the response. See: wrap-hsts.
ssl-redirect-response
(ssl-redirect-response request options)
Given a HTTP request, return a redirect response to the equivalent HTTPS URL.
See: wrap-ssl-redirect.
wrap-forwarded-scheme
(wrap-forwarded-scheme handler)
(wrap-forwarded-scheme handler header)
Middleware that changes the :scheme of the request map to the value present
in a request header. This is useful if your application sits behind a
reverse proxy or load balancer that handles the SSL transport.
The header defaults to x-forwarded-proto.
wrap-hsts
(wrap-hsts handler)
(wrap-hsts handler options)
Middleware that adds the Strict-Transport-Security header to the response
from the handler. This ensures the browser will only use HTTPS for future
requests to the domain.
Accepts the following options:
:max-age - the max time in seconds the HSTS policy applies
(defaults to 31536000 seconds, or 1 year)
:include-subdomains? - true if subdomains should be included in the HSTS
policy (defaults to true)
See RFC 6797 for more information (https://tools.ietf.org/html/rfc6797).
wrap-ssl-redirect
(wrap-ssl-redirect handler)
(wrap-ssl-redirect handler options)
Middleware that redirects any HTTP request to the equivalent HTTPS URL.
Accepts the following options:
:ssl-port - the SSL port to use for redirects, defaults to 443.