Author: rfm
Date: Wed Apr 5 10:46:42 2017
New Revision: 40447
URL: http://svn.gna.org/viewcvs/gnustep?rev=40447&view=rev
Log:
Fixup for HSTS to be applied when we are sending an error response
Modified:
libs/webserver/trunk/WebServerConnection.m
Modified: libs/webserver/trunk/WebServerConnection.m
URL:
http://svn.gna.org/viewcvs/gnustep/libs/webserver/trunk/WebServerConnection.m?rev=40447&r1=40446&r2=40447&view=diff
==============================================================================
--- libs/webserver/trunk/WebServerConnection.m (original)
+++ libs/webserver/trunk/WebServerConnection.m Wed Apr 5 10:46:42 2017
@@ -1128,7 +1128,8 @@
}
else
{
- NSString *body;
+ NSUInteger seconds = [server strictTransportSecurity];
+ NSString *body;
[self setShouldClose: YES];
@@ -1139,7 +1140,7 @@
*/
[server _alert: result];
body = [result stringByAppendingString:
- @"\r\nRetry-After: 120\r\n\r\n"];
+ @"\r\nRetry-After: 120"];
}
else
{
@@ -1147,8 +1148,16 @@
{
[server _log: result];
}
- body = [result stringByAppendingString: @"\r\n\r\n"];
}
+
+ if (seconds > 0)
+ {
+ body = [result stringByAppendingFormat:
+ @"\r\nStrict-Transport-Security: max-age=%lu\r\n\r\n",
+ (unsigned long)seconds];
+ }
+
+ body = [result stringByAppendingString: @"\r\n\r\n"];
[self performSelector: @selector(_doWrite:)
onThread: ioThread->thread
withObject: [body dataUsingEncoding: NSASCIIStringEncoding]
_______________________________________________
Gnustep-cvs mailing list
[email protected]
https://mail.gna.org/listinfo/gnustep-cvs
