Google Git
Sign in
go / playground / ac9505c2b618d00ed89d7c55556a4405a484c239^! / .
commitac9505c2b618d00ed89d7c55556a4405a484c239[log] [tgz]
authorAndrew Gerrand <adg@golang.org>Mon May 02 09:57:05 2016 -0700
committerAndrew Gerrand <adg@golang.org>Mon May 02 17:07:17 2016 +0000
tree9559d91e9d06c74acd242e129667a7e9b013a0ff
parentb2e2ef57e4210f6131f2bfc35af6d9173c0946f4 [diff]
app: set Strict-Transport-Security header

Change-Id: I4bae73fe75309a0c631b8c283e8539878aa35d30
Reviewed-on: https://go-review.googlesource.com/22702
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

diff --git a/app/goplay/compile.go b/app/goplay/compile.go
index be1e3e7..f5bed89 100644
--- a/app/goplay/compile.go
+++ b/app/goplay/compile.go

@@ -16,7 +16,7 @@
 const runUrl = "http://golang.org/compile?output=json"
 
 func init() {
-	http.HandleFunc("/compile", compile)
+	http.Handle("/compile", hstsHandler(compile))
 }
 
 func compile(w http.ResponseWriter, r *http.Request) {

diff --git a/app/goplay/edit.go b/app/goplay/edit.go
index ce29a78..c7e2cbb 100644
--- a/app/goplay/edit.go
+++ b/app/goplay/edit.go

@@ -16,7 +16,7 @@
 const hostname = "play.golang.org"
 
 func init() {
-	http.HandleFunc("/", edit)
+	http.Handle("/", hstsHandler(edit))
 }
 
 var editTemplate = template.Must(template.ParseFiles("goplay/edit.html"))

diff --git a/app/goplay/fmt.go b/app/goplay/fmt.go
index a862343..b6842f3 100644
--- a/app/goplay/fmt.go
+++ b/app/goplay/fmt.go

@@ -13,7 +13,7 @@
 )
 
 func init() {
-	http.HandleFunc("/fmt", fmtHandler)
+	http.Handle("/fmt", hstsHandler(fmtHandler))
 }
 
 type fmtResponse struct {

diff --git a/app/goplay/hsts.go b/app/goplay/hsts.go
new file mode 100644
index 0000000..c0927d2
--- /dev/null
+++ b/app/goplay/hsts.go

@@ -0,0 +1,15 @@
+// Copyright 2016 The Go Authors.  All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package goplay
+
+import "net/http"
+
+// hstsHandler wraps an http.HandlerFunc such that it sets the HSTS header.
+func hstsHandler(fn http.HandlerFunc) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Strict-Transport-Security", "max-age=31536000; preload")
+		fn(w, r)
+	})
+}

diff --git a/app/goplay/play.go b/app/goplay/play.go
index b8257f1..e4c6c54 100644
--- a/app/goplay/play.go
+++ b/app/goplay/play.go

@@ -12,7 +12,7 @@
 )
 
 func init() {
-	http.HandleFunc("/playground.js", play)
+	http.Handle("/playground.js", hstsHandler(play))
 }
 
 func play(w http.ResponseWriter, r *http.Request) {

diff --git a/app/goplay/share.go b/app/goplay/share.go
index 72fca10..fc0fe3e 100644
--- a/app/goplay/share.go
+++ b/app/goplay/share.go

@@ -35,7 +35,7 @@
 }
 
 func init() {
-	http.HandleFunc("/share", share)
+	http.Handle("/share", hstsHandler(share))
 }
 
 func share(w http.ResponseWriter, r *http.Request) {