search

twisted / twisted

Event-driven networking engine written in Python.
https://twisted.org
Other
5.58k stars 1.17k forks source link

Implement HSTS (HTTP Strict Transport Security) #7041

Open twisted-trac opened 10 years ago

twisted-trac commented 10 years ago
lvh's avatar @lvh reported
Trac ID trac#7041
Type enhancement
Created 2014-03-19 15:20:26Z

I hacked this together for the Crypto 101 website, and it works: https://github.com/crypto101/website/blob/master/c101ws/web.py#L20

Searchable metadata ``` trac-id__7041 7041 type__enhancement enhancement reporter__lvh lvh priority__normal normal milestone__ branch__ branch_author__ status__new new resolution__None None component__web web keywords__security_ssl_tls security ssl tls time__1395242426000000 1395242426000000 changetime__1469821409727480 1469821409727480 version__None None owner__ cc__jknight cc__oberstet ```
twisted-trac commented 8 years ago
Julian's avatar @Julian commented

I'm not sure this is what LVH originally was asking for, but it'd be nice to have an (? endpoint wrapper? somethign else?) that did the work of "create a separate site that just 301s to HTTPS, and on the https one, set the header" -- i.e. both halves of the equation?

twisted-trac commented 10 years ago
exarkun's avatar @exarkun commented

So... set a header? But applications can already set headers. What is the feature desired?