Hi Jess; this is more of a question than a pull request because I am not yet sure of the answer.
I have to make X Y and Z changes due to security; anyways most involve returning headers specifically which have been done.
Part of it requires only using certain ciphers ([{dhe_rsa,aes_256_cbc,sha256},{dhe_dss,aes_256_cbc,sha256},{rsa,aes_256_cbc,sha256},{dhe_rsa,aes_256_cbc,sha},{dhe_dss,aes_256_cbc,sha},{rsa,aes_256_cbc,sha}]) and configuration such as for yaws protocol version.
i.e. protocol_version = tlsv1.2, tlsv1.1, tlsv1
Both are done by the configuration of yaws.
Some require cookie changes to the cookie. I struggled a bit; I am now almost there or closer.
yaws_api:setcookie(Name, Value, Path, Expire).
to
yaws_api:setcookie(Name, Value, Path, Expire, Domain, Security = on).
This would almost work for me (but I am missing httponly flag). Which in yaws (1.99) is done by the following
%% @doc Generate a set_cookie header field tuple.
%% This function is more RFC6265 compliant than setcookie/6 and
%% therefore it deprecates setcookie/6 completely.
set_cookie(Key, Value, Options)
So my question is: I have been using yaws for many years now. That is what I use; I know how to alter simple_bridge and other things with the head version to how I need.
So these cookie changes and default headers: would there be any point in me doing a pull request, as it probably requires some additional processing and maybe a specific usage case in my case? Upgrading of the yaws version of course, as SSL protocol versions weren't configurable before 1.99 (but I pull yaws from my own machine) rather than get-deps; but this is very simple.
I hope my question makes sense. If not please ask.
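A check for the two cookie flags discussed above, as an added example that is not part of the original post and is not Yaws or simple_bridge code: it parses a Set-Cookie header value and reports which of Secure and HttpOnly are absent. The module name, function names and sample header values are constructed for illustration.

```erlang
-module(cookie_audit).
-export([missing_flags/1, demo/0]).

%% Flags this audit expects on a cookie, paired with the lower-cased
%% attribute name as it appears in a Set-Cookie header value.
-define(REQUIRED, [{secure, "secure"}, {http_only, "httponly"}]).

%% Return the required flags that are absent from a Set-Cookie value.
missing_flags(SetCookieValue) ->
    Parts = re:split(SetCookieValue, "\\s*;\\s*", [{return, list}]),
    %% The first ';'-separated element is name=value; the rest are attributes.
    Attrs = case Parts of
                [_NameValue | Rest] -> Rest;
                [] -> []
            end,
    %% Compare attribute names only, so a value such as "Path=/secure"
    %% is not mistaken for the Secure flag.
    Names = [attr_name(A) || A <- Attrs, A =/= []],
    [Flag || {Flag, Name} <- ?REQUIRED, not lists:member(Name, Names)].

%% Lower-cased attribute name: the text before the first '=', if any.
attr_name(Attr) ->
    [Name | _] = re:split(Attr, "\\s*=", [{return, list}, {parts, 2}]),
    string:to_lower(Name).

%% Constructed sample header values, not captured from a real server.
demo() ->
    Samples = ["sid=abc123; Path=/; Domain=example.test; Secure",
               "sid=abc123; Path=/secure; Domain=example.test",
               "sid=abc123; Path=/; Secure; HttpOnly"],
    [{S, missing_flags(S)} || S <- Samples].
```

Compile the module and call `cookie_audit:demo()` in an Erlang shell to see the result for each sample.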