macchiato.middleware.ssl

Liking cljdoc? Tell your friends :D

ClojureScript only.

default-scheme-header
forwarded-scheme-request
hsts-response
ssl-redirect-response
url
wrap-forwarded-scheme
wrap-hsts
wrap-ssl-redirect

Middleware for managing handlers operating over HTTPS.

Middleware for managing handlers operating over HTTPS.

raw docstring

default-scheme-header^cljs

The default header used in wrap-forwarded-scheme (x-forwarded-proto).

The default header used in wrap-forwarded-scheme (x-forwarded-proto).

source raw docstring

forwarded-scheme-request^cljs

(forwarded-scheme-request request)

(forwarded-scheme-request request header)

Change the :scheme of the request to the value present in a request header. See: wrap-forwarded-scheme.

Change the :scheme of the request to the value present in a request header.
See: wrap-forwarded-scheme.

source raw docstring

hsts-response^cljs

(hsts-response response)

(hsts-response response options)

Add the Strict-Transport-Security header to the response. See: wrap-hsts.

Add the Strict-Transport-Security header to the response. See: wrap-hsts.

source raw docstring

ssl-redirect-response^cljs

(ssl-redirect-response request options)

Given a HTTP request, return a redirect response to the equivalent HTTPS URL. See: wrap-ssl-redirect.

Given a HTTP request, return a redirect response to the equivalent HTTPS URL.
See: wrap-ssl-redirect.

source raw docstring

url^cljs

source

wrap-forwarded-scheme^cljs

(wrap-forwarded-scheme handler)

(wrap-forwarded-scheme handler header)

Middleware that changes the :scheme of the request map to the value present in a request header. This is useful if your application sits behind a reverse proxy or load balancer that handles the SSL transport.

The header defaults to x-forwarded-proto.

Middleware that changes the :scheme of the request map to the value present
in a request header. This is useful if your application sits behind a
reverse proxy or load balancer that handles the SSL transport.

The header defaults to x-forwarded-proto.

source raw docstring

wrap-hsts^cljs

(wrap-hsts handler)

(wrap-hsts handler options)

Middleware that adds the Strict-Transport-Security header to the response from the handler. This ensures the browser will only use HTTPS for future requests to the domain.

Accepts the following options:

:max-age - the max time in seconds the HSTS policy applies (defaults to 31536000 seconds, or 1 year)

:include-subdomains? - true if subdomains should be included in the HSTS policy (defaults to true)

See RFC 6797 for more information (https://tools.ietf.org/html/rfc6797).

Middleware that adds the Strict-Transport-Security header to the response
from the handler. This ensures the browser will only use HTTPS for future
requests to the domain.

Accepts the following options:

:max-age             - the max time in seconds the HSTS policy applies
                       (defaults to 31536000 seconds, or 1 year)

:include-subdomains? - true if subdomains should be included in the HSTS
                       policy (defaults to true)

See RFC 6797 for more information (https://tools.ietf.org/html/rfc6797).

source raw docstring

wrap-ssl-redirect^cljs

(wrap-ssl-redirect handler)

(wrap-ssl-redirect handler options)

Middleware that redirects any HTTP request to the equivalent HTTPS URL.

Accepts the following options:

:ssl-port - the SSL port to use for redirects, defaults to 443.

Middleware that redirects any HTTP request to the equivalent HTTPS URL.

Accepts the following options:

:ssl-port - the SSL port to use for redirects, defaults to 443.

source raw docstring