1.4.5.2

2026-02-04 20:27:13 +08:00
commit 3b042d1dad
9410 changed files with 1488147 additions and 0 deletions
--- a/EdgeCommon/pkg/serverconfigs/sslconfigs/ssl_hsts.go
+++ b/EdgeCommon/pkg/serverconfigs/sslconfigs/ssl_hsts.go
@@ -0,0 +1,63 @@
+package sslconfigs
+
+import (
+	"github.com/TeaOSLab/EdgeCommon/pkg/configutils"
+	"strconv"
+	"strings"
+)
+
+// HSTS设置
+// 参考： https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
+type HSTSConfig struct {
+	IsOn              bool     `yaml:"isOn" json:"isOn"`
+	MaxAge            int      `yaml:"maxAge" json:"maxAge"` // 单位秒
+	IncludeSubDomains bool     `yaml:"includeSubDomains" json:"includeSubDomains"`
+	Preload           bool     `yaml:"preload" json:"preload"`
+	Domains           []string `yaml:"domains" json:"domains"`
+
+	hasDomains  bool
+	headerValue string
+}
+
+// 校验
+func (this *HSTSConfig) Init() error {
+	this.hasDomains = len(this.Domains) > 0
+	this.headerValue = this.asHeaderValue()
+	return nil
+}
+
+// 判断是否匹配域名
+func (this *HSTSConfig) Match(domain string) bool {
+	if !this.hasDomains {
+		return true
+	}
+	return configutils.MatchDomains(this.Domains, domain)
+}
+
+// Header Key
+func (this *HSTSConfig) HeaderKey() string {
+	return "Strict-Transport-Security"
+}
+
+// 取得当前的Header值
+func (this *HSTSConfig) HeaderValue() string {
+	return this.headerValue
+}
+
+// 转换为Header值
+func (this *HSTSConfig) asHeaderValue() string {
+	b := strings.Builder{}
+	b.WriteString("max-age=")
+	if this.MaxAge > 0 {
+		b.WriteString(strconv.Itoa(this.MaxAge))
+	} else {
+		b.WriteString("31536000") // 1 year
+	}
+	if this.IncludeSubDomains {
+		b.WriteString("; includeSubDomains")
+	}
+	if this.Preload {
+		b.WriteString("; preload")
+	}
+	return b.String()
+}