hsts_headers.sjs (910B)
/* Any copyright is dedicated to the Public Domain.
 * http://creativecommons.org/publicdomain/zero/1.0/ */

/**
 * Server-side test handler that hands out (or clears) an HSTS policy.
 *
 * - Query string exactly "reset": answers 200 with
 *   `Strict-Transport-Security: max-age=0`, so a client that honours the
 *   header drops any policy it stored for this host and later tests are not
 *   influenced by it.
 * - Any other request: answers 200 with a 60-second HSTS policy, a CSP
 *   `upgrade-insecure-requests` directive, `Cache-Control: no-cache`, and a
 *   minimal HTML body.
 *
 * Note for test authors: per RFC 6797, user agents only act on
 * Strict-Transport-Security when it is received over a secure transport, so
 * both the policy and its reset take effect only when this handler is loaded
 * over https.
 *
 * @param request  Incoming request; `queryString` and `httpVersion` are read.
 * @param response Outgoing response; status line, headers and body are written.
 */
function handleRequest(request, response) {
  const stsHeaderName = "Strict-Transport-Security";
  const wantsReset = request.queryString === "reset";

  if (wantsReset) {
    // max-age=0 expires the stored policy right away; nothing else is sent
    // on this path (no CSP, no explicit cache or content-type headers).
    response.setStatusLine(request.httpVersion, 200, "OK");
    response.setHeader(stsHeaderName, "max-age=0");
    response.write("Resetting HSTS");
    return;
  }

  // Short-lived policy: 60 seconds, without includeSubDomains or preload.
  response.setHeader(stsHeaderName, "max-age=60");
  response.setHeader("Cache-Control", "no-cache", false);
  response.setHeader("Content-Type", "text/html", false);

  // CSP directive that asks the client to upgrade insecure requests made by
  // the document.
  const cspUpgradeDirective = "upgrade-insecure-requests";
  response.setHeader("Content-Security-Policy", cspUpgradeDirective, false);

  response.setStatusLine(request.httpVersion, 200);
  response.write("<!DOCTYPE html><html><body><h1>Ok!</h1></body></html>");
}