Hi, looks good, but I think you have little bug in this lines in subs _set_hsts_header: sub _set_hsts_header { my $settings = plugin_setting; my $hsts_age = $settings->{hsts_age} // 31536000; my $subdomains = $settings->{hsts_include_subdomains} // 0; Should be place this '||' than '//' my $hsts_age = $settings->{hsts_age} || 31536000; my $subdomains = $settings->{hsts_include_subdomains} || 0;
------------ Původní zpráva ------------ Od: Natal Ngétal <hobbestigrou@erakis.im> Předmět: [Dancer-users] A new dancer plugin. Datum: 13.5.2012 16:01:36 ---------------------------------------- Hi all,
Yesterday I wrote a new dancer plugin to redirect all incoming requests to https inspired by flask-sslify. The project was renamed to don't confuse the users, thanks mst to advise. I'm hope the code look fine and be useful.
Dancer::Plugin::RequireSSL also provides your application with an HSTS policy.
http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
By default hsts_age is set for one year 31536000 seconds, and can also include subdomains in your HSTS policy by default is false.
To configure plugin:
RequireSSL: hsts_age: 31536000 hsts_include_subdomains: 0
In your config.yml.
Regards
-- \0/ Hobbestigrou site web: erakis.im _______________________________________________ Dancer-users mailing list Dancer-users@perldancer.org http://www.backup-manager.org/cgi-bin/listinfo/dancer-users