UNPKG

event_request

Version:

A Backend Server

stefangenov.site/projects

Michaelpalacce/EventRequest

127 lines (106 loc) 2.88 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
'use strict'; /** * @brief Time in seconds for which the browser should remember that this site should be accessed through https * * @details One year in seconds * * @var {Number} */ const DEFAULT_MAX_AGE = 31536000; const DEFAULT_INCLUDE_SUB_DOMAINS = false; const DEFAULT_PRELOAD = false; /** * @brief Name of the HSTS header * * @var {String} */ const HEADER_NAME = 'Strict-Transport-Security'; // Option keys const OPTIONS_MAX_AGE_KEY = 'maxAge'; const OPTIONS_PRELOAD_KEY = 'preload'; const OPTIONS_INCLUDE_SUB_DOMAINS_KEY = 'includeSubDomains'; // Header keys const MAX_AGE_KEY = 'max-age'; const INCLUDE_SUB_DOMAINS_KEY = 'includeSubDomains'; const PRELOAD_KEY = 'preload'; /** * @brief Formats a HSTS header */ class HttpStrictTransportSecurity { constructor( options = {} ) { this.parseOptions( options ); } /** * @brief Parses the options given to the HSTS class * * @param {Object} [options={}] */ parseOptions( options = {} ) { this.setEnabled( options.enabled ); this.maxAge = typeof options[OPTIONS_MAX_AGE_KEY] === 'number' ? options[OPTIONS_MAX_AGE_KEY] : DEFAULT_MAX_AGE; this.doIncludeSubDomains = typeof options[OPTIONS_INCLUDE_SUB_DOMAINS_KEY] === 'boolean' ? options[OPTIONS_INCLUDE_SUB_DOMAINS_KEY] : DEFAULT_INCLUDE_SUB_DOMAINS; this.doPreload = typeof options[OPTIONS_PRELOAD_KEY] === 'boolean' ? options[OPTIONS_PRELOAD_KEY] : DEFAULT_PRELOAD; } /** * @brief Sets the component's to either be enabled or not * * @param {Boolean} [enabled=true] */ setEnabled( enabled = true ) { this.enabled = typeof enabled === 'boolean' ? enabled : true; } /** * @brief Sets the component's to either be preloaded or not * * @param {Boolean} [preload=true] */ preload( preload = true ) { this.doPreload = typeof preload === 'boolean' ? preload : this.doPreload; } /** * @brief Sets the enforce flag * * @param {Number} maxAge */ setMaxAge( maxAge ) { this.maxAge = typeof maxAge === 'number' ? maxAge : this.maxAge; } /** * @brief Enable or disable includeSubDomains * * @param {Boolean} [include=true] */ includeSubDomains( include = true ) { this.doIncludeSubDomains = typeof include === 'boolean' ? include : this.doIncludeSubDomains; } /** * @brief Returns the header name * * @return {String} */ getHeader() { return HEADER_NAME; } /** * @brief Builds the header * * @return {String} */ build() { if ( ! this.enabled ) return ''; let headerContent = `${MAX_AGE_KEY}=${this.maxAge};`; if ( this.doIncludeSubDomains === true ) headerContent += ` ${INCLUDE_SUB_DOMAINS_KEY};`; if ( this.doPreload === true ) headerContent += ` ${PRELOAD_KEY};`; return headerContent; } } module.exports = HttpStrictTransportSecurity;