Skip to content

Commit 803313d

Browse files
f0sself0ssel
committed
pr comments
1 parent 197b163 commit 803313d

File tree

3 files changed

+14
-13
lines changed

3 files changed

+14
-13
lines changed

cli/start.go

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -129,13 +129,13 @@ func start() *cobra.Command {
129129
}
130130
logger := slog.Make(sloghuman.Sink(os.Stderr))
131131
options := &coderd.Options{
132-
AccessURL: accessURLParsed,
133-
Logger: logger.Named("coderd"),
134-
Database: databasefake.New(),
135-
Pubsub: database.NewPubsubInMemory(),
136-
GoogleTokenValidator: validator,
137-
HSTS: strictTransportSecurity,
138-
SecureCookie: secureCookie,
132+
AccessURL: accessURLParsed,
133+
Logger: logger.Named("coderd"),
134+
Database: databasefake.New(),
135+
Pubsub: database.NewPubsubInMemory(),
136+
GoogleTokenValidator: validator,
137+
StrictTransportSecurity: strictTransportSecurity,
138+
SecureCookie: secureCookie,
139139
}
140140

141141
if !dev {

coderd/coderd.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -30,8 +30,8 @@ type Options struct {
3030
AWSCertificates awsidentity.Certificates
3131
GoogleTokenValidator *idtoken.Validator
3232

33-
HSTS bool
34-
SecureCookie bool
33+
StrictTransportSecurity bool
34+
SecureCookie bool
3535
}
3636

3737
// New constructs the Coder API into an HTTP handler.
@@ -50,7 +50,7 @@ func New(options *Options) (http.Handler, func()) {
5050
r.Route("/api/v2", func(r chi.Router) {
5151
r.Use(
5252
chitrace.Middleware(),
53-
httpmw.HSTS(api.HSTS),
53+
httpmw.StrictTransportSecurity(api.StrictTransportSecurity),
5454
)
5555
r.Get("/", func(w http.ResponseWriter, r *http.Request) {
5656
httpapi.Write(w, http.StatusOK, httpapi.Response{

coderd/httpmw/hsts_test.go

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -6,9 +6,10 @@ import (
66
"net/http/httptest"
77
"testing"
88

9-
"github.com/coder/coder/coderd/httpmw"
109
"github.com/go-chi/chi/v5"
1110
"github.com/stretchr/testify/require"
11+
12+
"github.com/coder/coder/coderd/httpmw"
1213
)
1314

1415
func TestStrictTransportSecurity(t *testing.T) {
@@ -32,14 +33,14 @@ func TestStrictTransportSecurity(t *testing.T) {
3233

3334
res := setup(true)
3435
defer res.Body.Close()
35-
require.Contains(t, res.Header.Get(httpmw.StrictTransportSecurityHeader), fmt.Sprintf("max-age=%d", int64(httpmw.StrictTransportSecurityMaxAge)))
36+
require.Contains(t, res.Header.Get(httpmw.StrictTransportSecurityHeader), fmt.Sprintf("max-age=%d", int64(httpmw.StrictTransportSecurityMaxAge.Seconds())))
3637
})
3738
t.Run("False", func(t *testing.T) {
3839
t.Parallel()
3940

4041
res := setup(false)
4142
defer res.Body.Close()
42-
require.NotContains(t, res.Header.Get(httpmw.StrictTransportSecurityHeader), fmt.Sprintf("max-age=%d", int64(httpmw.StrictTransportSecurityMaxAge)))
43+
require.NotContains(t, res.Header.Get(httpmw.StrictTransportSecurityHeader), fmt.Sprintf("max-age=%d", int64(httpmw.StrictTransportSecurityMaxAge.Seconds())))
4344
require.Equal(t, res.Header.Get(httpmw.StrictTransportSecurityHeader), "")
4445
})
4546
}

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy