Struct iron::headers::StrictTransportSecurity
[−]
[src]
pub struct StrictTransportSecurity { pub include_subdomains: bool, pub max_age: u64, }
StrictTransportSecurity
header, defined in RFC6797
This specification defines a mechanism enabling web sites to declare themselves accessible only via secure connections and/or for users to be able to direct their user agent(s) to interact with given sites only over secure connections. This overall policy is referred to as HTTP Strict Transport Security (HSTS). The policy is declared by web sites via the Strict-Transport-Security HTTP response header field and/or by other means, such as user agent configuration, for example.
ABNF
[ directive ] *( ";" [ directive ] )
directive = directive-name [ "=" directive-value ]
directive-name = token
directive-value = token | quoted-string
Example values
max-age=31536000
max-age=15768000 ; includeSubDomains
Example
use hyper::header::{Headers, StrictTransportSecurity}; let mut headers = Headers::new(); headers.set( StrictTransportSecurity::including_subdomains(31536000u64) );
Fields
include_subdomains | Signals the UA that the HSTS Policy applies to this HSTS Host as well as any subdomains of the host's domain name. |
max_age | Specifies the number of seconds, after the reception of the STS header field, during which the UA regards the host (from whom the message was received) as a Known HSTS Host. |
Methods
impl StrictTransportSecurity
fn including_subdomains(max_age: u64) -> StrictTransportSecurity
Create an STS header that includes subdomains
fn excluding_subdomains(max_age: u64) -> StrictTransportSecurity
Create an STS header that excludes subdomains