From 31d1315c60e4900e2d98901725ecaebc7dd96f51 Mon Sep 17 00:00:00 2001 From: Omar Roth Date: Sun, 11 Mar 2018 10:24:12 -0500 Subject: [PATCH] Fix HSTS header --- src/invidious.cr | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/invidious.cr b/src/invidious.cr index 9936bd39..139c25ae 100644 --- a/src/invidious.cr +++ b/src/invidious.cr @@ -160,6 +160,10 @@ get "/" do |env| templated "index" end +before_all do |env| + env.response.headers.add("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload") +end + get "/watch" do |env| if env.params.query["v"]? id = env.params.query["v"] @@ -342,12 +346,11 @@ end if Kemal.config.ssl && redirect spawn do server = HTTP::Server.new("0.0.0.0", 80) do |context| - context.response.headers.add "Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload" redirect_url = "https://#{context.request.host}#{context.request.path}" if context.request.query redirect_url += "?#{context.request.query}" end - context.response.headers.add "Location", redirect_url + context.response.headers.add("Location", redirect_url) context.response.status_code = 301 end