I have a groovy code running on Grails server. How do i configure it for HSTS ? I looked through Groovy specs there is nothing i found useful.
This is what I want to achieve
When I look at any HTTP Response from the server. I must see a header such as below
Strict-Transport-Security: max-age=31536000
Can you please suggest some pointers ?
答案 0 :(得分:1)
我建议实现自定义servlet过滤器,如下所示:
@Priority(Integer.MIN_VALUE)
public class HstsFilter extends OncePerRequestFilter {
public HstsFilter() {
}
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
filterChain.doFilter(request, response);
response.addHeader("Strict-Transport-Security", "max-age=31536000");
}
}
然后你需要在resources.groovy
注册它:
beans = {
hstsFilter(HstsFilter)
}
此代码在Grails 3.1.4上进行了测试