class Marten::Middleware::StrictTransportSecurity


Sets the Strict-Transport-Security header in the response if it wasn't already set.

This middleware automatically sets the HTTP Strict-Transport-Security (HSTS) response header for all responses unless it was already specified in the response headers. This allows to let browsers know that the considered website should only be accessed using HTTPS, which results in future HTTP requests to be automatically converted to HTTPS (up until the configured strict transport policy max age is reached).

Defined in:


Instance Method Summary

Instance methods inherited from class Marten::Middleware

call(request : Marten::HTTP::Request, get_response : Proc(Marten::HTTP::Response)) : Marten::HTTP::Response call, next : Nil | Middleware next, next=(next __arg0 : Nil | Middleware) next=

Instance Method Detail

def call(request : Marten::HTTP::Request, get_response : Proc(Marten::HTTP::Response)) : Marten::HTTP::Response #
Description copied from class Marten::Middleware

Calls the middleware for a given HTTP request and returns a HTTP response.

This method must be implemented by subclasses: it takes a request argument (the current HTTP request) and a get_response proc that allows to get the final response. This proc might actually call the next middleware in the chain of configured middlewares, or the final matched handler. That way, the current middleware have the ability to intercept any incoming request and the associated response, and to modify them if applicable.

[View source]