HTTP Strict Transport Security

I'm not including the preload file yet.
author: corvid <devnull@localhost> 2015-06-29 15:36:46 +0000
committer: corvid <devnull@localhost> 2015-06-29 15:36:46 +0000
commit: 41f2b84001bb63d705c7981492a9637d4d48f5f7 (patch)
tree: f7b95cb6c4a8a04e59f62a43c3b432ea1bfe569d /src/cache.c
parent: b3b8727a42e89d8702c9702226d1140836f1146e (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/src/cache.c b/src/cache.c
index d8f1a123..cc33db9c 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -26,6 +26,7 @@
 #include "dicache.h"
 #include "nav.h"
 #include "cookies.h"
+#include "hsts.h"
 #include "misc.h"
 #include "capi.h"
 #include "decode.h"
@@ -653,7 +654,7 @@ static void Cache_parse_header(CacheEntry_t *entry)
 {
    char *header = entry->Header->str;
    bool_t server1point0 = !strncmp(entry->Header->str, "HTTP/1.0", 8);
-   char *Length, *Type, *location_str, *encoding, *connection;
+   char *Length, *Type, *location_str, *encoding, *connection, *hsts;
 #ifndef DISABLE_COOKIES
    Dlist *Cookies;
 #endif
@@ -721,6 +722,13 @@ static void Cache_parse_header(CacheEntry_t *entry)
       dFree(connection);
    }
 
+   if (!dStrAsciiCasecmp(URL_SCHEME(entry->Url), "https") &&
+       !a_Url_host_is_ip(URL_HOST(entry->Url)) &&
+       (hsts = Cache_parse_field(header, "Strict-Transport-Security"))) {
+      a_Hsts_set(hsts, entry->Url);
+      dFree(hsts);
+   }
+
    /*
     * Get Transfer-Encoding and initialize decoder
     */
author	corvid <devnull@localhost>	2015-06-29 15:36:46 +0000
committer	corvid <devnull@localhost>	2015-06-29 15:36:46 +0000
commit	41f2b84001bb63d705c7981492a9637d4d48f5f7 (patch)
tree	f7b95cb6c4a8a04e59f62a43c3b432ea1bfe569d /src/cache.c
parent	b3b8727a42e89d8702c9702226d1140836f1146e (diff)