Package sts implements the MTA-STS (Strict Transport Security), RFC 8461.
Note that "report" mode is not supported.
- type Mode
- type Policy
- type PolicyCache
This section is empty.
type Mode string
The Mode of a policy. Valid values (according to the standard) are constants below.
Policy represents a parsed policy. https://tools.ietf.org/html/rfc8461#section-3.2 The json annotations are used for serializing for caching purposes.
Fetch a policy for the given domain. Note this results in various network lookups and HTTPS GETs, so it can be slow. The returned policy is parsed and sanity-checked (using Policy.Check), so it should be safe to use.
func UncheckedFetch ¶
UncheckedFetch fetches and parses the policy, but does NOT check it. This can be useful for debugging and troubleshooting, but you should always call Check on the policy before using it.
type PolicyCache ¶
PolicyCache is a caching layer for fetching policies.
Policies are cached by domain, and stored in a single directory. The files will have as mtime the time when the policy expires, this makes the store simpler, as it can avoid keeping additional metadata.
There is no in-memory caching. This may be added in the future, but for now disk is good enough for our purposes.
NewCache creates an instance of PolicyCache using the given directory as backing storage. The directory will be created if it does not exist.
Fetch a policy for the given domain, using the cache.