feat(headers): add strict-transport-security header #590
Conversation
Strict-Transport-Security allows servers to inform user-agents that they'd like them to always contact the secure host (https) instead of the insecure one (http). Closes hyperium#589
|
Impressive work! I'll look through this, but seems travis is reporting this doesn't build on stable... |
| /// # } | ||
| /// ``` | ||
| #[derive(Clone, PartialEq, Debug)] | ||
| pub struct StrictTransportSecurity(pub bool, pub u64); |
There was a problem hiding this comment.
It seems slightly odd that the header outputs with the boolean at the end, but the struct has it first.
Also, booleans have a habit of being confusing without the explicit name right next to it. How about instead:
pub struct StrictTransportSecurity {
pub max_age: u64,
pub includes_subdomains: bool,
}Additionally, and I'm not sure if the value this might provide carries its own weight, but maybe StrictTransportSecurity::including_subdomain(1_000_000) and StrictTransportSecurity::excluding_subdomain(1_000_000) constructors might be useful?
|
I appreciated the design of the
I'd recommend a parsing strategy that splits on |
|
@seanmonstar, I would have preferred a simple split, but the spec allows for quoted strings (which could contain I'm happy to alter the parsing if that's the concern. My rust is a bit ahem neolithic, so it's probably just my lack of understanding idioms. I'll go through and clean up pointlessly allocated I used a tuple struct reluctantly, since it seemed to be the way most of the other headers were implemented. I'd prefer a field struct too, so I'll update that as well as the constructors. |
|
The usage of tuple structs is usually for when it's a single value, and so something like And, nice catch on it being valid to have |
Resolutions to the code-review issues in PR
|
I'm hoping this addresses the performance/allocation concerns. There's now only one allocation per-directive-name -- try as I might to please the borrow-checker gods, I cannot seem to convince that compiler that I'm not really borrowing |
| } | ||
|
|
||
| fn parse_directive(&mut self) -> Option<StsDirective> { | ||
| let directive_name = self.parse_directive_name().to_owned(); |
There was a problem hiding this comment.
If this is the allocation you are referring, I think you can convince the compiler by changing a number of the signatures to fn foo(&mut self) -> &'a str to unlink the return value's lifetime from the mutable borrow of self (lifetime elision) and instead link it to the structs buffer.
Fix the borrow checker's complaints on slices.
|
Thanks @Ryman! Changed so now there's no allocation. (sidenote: I was confused because the error message was talking about borrowing |
|
I noticed a few other details, which I tried to just fix myself in the parser (duplicate directives should be an error, some I've rebased my fixes onto your commit, and merged manually as 7c2e512 |
|
@seanmonstar No worries, mate. No offence taken. Like I said before, I didn't think it was necessarily the best code to start with. Glad to have it merged. |
Strict-Transport-Security allows servers to inform user-agents that
they'd like them to always contact the secure host (https) instead of
the insecure one (http).
Closes #589