Struct hyper::header::StrictTransportSecurity [−] [src]

pub struct StrictTransportSecurity {
    pub include_subdomains: bool,
    pub max_age: u64,
}

StrictTransportSecurity header, defined in RFC6797

This specification defines a mechanism enabling web sites to declare themselves accessible only via secure connections and/or for users to be able to direct their user agent(s) to interact with given sites only over secure connections. This overall policy is referred to as HTTP Strict Transport Security (HSTS). The policy is declared by web sites via the Strict-Transport-Security HTTP response header field and/or by other means, such as user agent configuration, for example.

ABNF

     [ directive ]  *( ";" [ directive ] )

     directive                 = directive-name [ "=" directive-value ]
     directive-name            = token
     directive-value           = token | quoted-string

Example values

max-age=31536000
max-age=15768000 ; includeSubDomains

Example

use hyper::header::{Headers, StrictTransportSecurity};

let mut headers = Headers::new();

headers.set(
   StrictTransportSecurity::including_subdomains(31536000u64)
);

Fields

include_subdomains: bool

Signals the UA that the HSTS Policy applies to this HSTS Host as well as any subdomains of the host's domain name.

max_age: u64

Specifies the number of seconds, after the reception of the STS header field, during which the UA regards the host (from whom the message was received) as a Known HSTS Host.