hsts

package module

v1.0.3 Latest Latest Go to latest Published: Oct 3, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/StalkR/hsts

Links

Open Source Insights

README ¶

HTTP Strict Transport Security (HSTS)

http RoundTripper implementing HTTP Strict Transport Security (RFC 6797) with sites preloaded from Chromium using go generate.

Install:

go get github.com/StalkR/hsts

Usage (taken from the example in godoc):

client := http.DefaultClient
// Wrap around the client's transport to add HSTS support.
client.Transport = hsts.New(client.Transport)

// Assuming example.com has set up HSTS, we learn it at the first HTTPS request.
resp, err := client.Get("https://example.com")
if err != nil {
	log.Fatal(err)
}
defer resp.Body.Close()

// So that any following request made in insecure HTTP would go in HTTPS.
resp, err = client.Get("http://example.com") // will become HTTPS
if err != nil {
	log.Fatal(err)
}
defer resp.Body.Close()

Bugs, comments, questions: create a new issue.

Documentation ¶

Overview ¶

Package hsts implements a RoundTripper that supports HTTP Strict Transport Security.

It comes preloaded with sites from Chromium (https://www.chromium.org/hsts), updated with go generate.

Index ¶

type Transport
- func New(transport http.RoundTripper) *Transport
- func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error)

Examples ¶

New

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Transport ¶

type Transport struct {
	// contains filtered or unexported fields
}

Transport implements a RoundTripper adding HSTS to an existing RoundTripper.

func New ¶

func New(transport http.RoundTripper) *Transport

New wraps around a RoundTripper transport to add HTTP Strict Transport Security (HSTS). It starts preloaded with Chromium's list (https://www.chromium.org/hsts). Just like an http.Client if transport is nil, http.DefaultTransport is used.

Example ¶

client := http.DefaultClient
// Wrap around the client's transport to add HSTS support.
client.Transport = New(client.Transport)

// Assuming example.com has set up HSTS, we learn it at the first HTTPS request.
resp, err := client.Get("https://example.com")
if err != nil {
	log.Fatal(err)
}
defer resp.Body.Close()

// So that any following request made in insecure HTTP would go in HTTPS.
resp, err = client.Get("http://example.com") // will become HTTPS
if err != nil {
	log.Fatal(err)
}
defer resp.Body.Close()

Output:

func (*Transport) RoundTrip ¶

func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip executes a single HTTP transaction and adds support for HSTS. It is safe for concurrent use by multiple goroutines.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
generate Binary preload generates a Go file with preloaded HSTS sites from Chromium.	Binary preload generates a Go file with preloaded HSTS sites from Chromium.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL