Enum rocket_contrib::helmet::Hsts

source · 
pub enum Hsts {
    Enable(Duration),
    IncludeSubDomains(Duration),
    Preload(Duration),
}
Expand description

The HTTP Strict-Transport-Security (HSTS) header: enforces strict HTTPS usage.

HSTS tells the browser that the site should only be accessed using HTTPS instead of HTTP. HSTS prevents a variety of downgrading attacks and should always be used when TLS is enabled. SpaceHelmet will turn HSTS on and issue a warning if you enable TLS without enabling HSTS when the application is run in the staging or production environments.

While HSTS is important for HTTPS security, incorrectly configured HSTS can lead to problems as you are disallowing access to non-HTTPS enabled parts of your site. Yelp engineering has good discussion of potential challenges that can arise and how to roll this out in a large scale setting. So, if you use TLS, use HSTS, but roll it out with care.

Variants§

§

Enable(Duration)

Browser should only permit this site to be accesses by HTTPS for the next Duration.

§

IncludeSubDomains(Duration)

Like Hsts::Enable, but also apply to all of the site’s subdomains.

§

Preload(Duration)

Google maintains an HSTS preload service that can be used to prevent the browser from ever connecting to your site over an insecure connection. Read more here. Don’t enable this before you have registered your site.

Trait Implementations§

source§

impl Default for Hsts

Defaults to Hsts::Enable(Duration::weeks(52)).

source§

fn default() -> Hsts

Returns the “default value” for a type. Read more
source§

impl<'a> Into<Header<'static>> for &'a Hsts

source§

fn into(self) -> Header<'static>

Converts this type into the (usually inferred) input type.
source§

impl Policy for Hsts

source§

const NAME: &'static str = "Strict-Transport-Security"

The actual name of the HTTP header. Read more
source§

fn header(&self) -> Header<'static>

Returns the Header to attach to all outgoing responses. Read more

Auto Trait Implementations§

§

impl Freeze for Hsts

§

impl RefUnwindSafe for Hsts

§

impl Send for Hsts

§

impl Sync for Hsts

§

impl Unpin for Hsts

§

impl UnwindSafe for Hsts

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T, I> AsResult<T, I> for T
where I: Input,

source§

fn as_result(self) -> Result<T, ParseErr<I>>

source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

§

impl<T> IntoCollection<T> for T

§

fn into_collection<A>(self) -> SmallVec<A>
where A: Array<Item = T>,

Converts self into a collection.
§

fn mapped<U, F, A>(self, f: F) -> SmallVec<A>
where F: FnMut(T) -> U, A: Array<Item = U>,

source§

impl<T> IntoSql for T

source§

fn into_sql<T>(self) -> Self::Expression
where Self: Sized + AsExpression<T>,

Convert self to an expression for Diesel’s query builder. Read more
source§

fn as_sql<'a, T>(&'a self) -> <&'a Self as AsExpression<T>>::Expression
where &'a Self: AsExpression<T>,

Convert &self to an expression for Diesel’s query builder. Read more
source§

impl<T> Same for T

source§

type Output = T

Should always be Self
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

source§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

source§

type Err = <U as TryFrom<T>>::Err

source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Err>

source§

impl<T> Typeable for T
where T: Any,

source§

fn get_type(&self) -> TypeId

Get the TypeId of this object.
source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

source§

fn vzip(self) -> V