diff --git a/stapler/handlers.py b/stapler/handlers.py index 870015c..fed0015 100644 --- a/stapler/handlers.py +++ b/stapler/handlers.py @@ -29,6 +29,10 @@ class BaseHandler(abc.ABC, http.server.BaseHTTPRequestHandler): timeout = 10 protocol_version = "HTTP/1.1" REQUEST_COUNT = 0 + RESPONSE_HEADERS: typing.ClassVar = { + "Connection": "close", + "Strict-Transport-Security": "max-age=31536000; includeSubDomains; preload", + } @typing.override def __init__( @@ -151,7 +155,7 @@ class BaseHandler(abc.ABC, http.server.BaseHTTPRequestHandler): self.send_response(code, message) self.send_header("Content-Type", f"{content_type}; charset=UTF-8") self.send_header("Content-Length", str(len(encoded))) - self.send_header("Connection", "close") + self._send_basic_headers() self.end_headers() if self.command != http.HTTPMethod.HEAD: self.wfile.write(encoded) @@ -167,7 +171,7 @@ class BaseHandler(abc.ABC, http.server.BaseHTTPRequestHandler): headers = {} self.send_response(code, message) self.send_header("Content-Length", "0") - self.send_header("Connection", "close") + self._send_basic_headers() for header, value in headers.items(): self.send_header(header, value) self.end_headers() @@ -221,7 +225,7 @@ class BaseHandler(abc.ABC, http.server.BaseHTTPRequestHandler): ]: self.send_header(header, value.replace(target_host, self.host)) self.send_header("Content-Length", str(out_size := len(response.content))) - self.send_header("Connection", "close") + self._send_basic_headers() self.end_headers() if out_size > 0 and self.command != http.HTTPMethod.HEAD: self.wfile.write(response.content) @@ -269,6 +273,10 @@ class BaseHandler(abc.ABC, http.server.BaseHTTPRequestHandler): self.send_error(http.HTTPStatus.INTERNAL_SERVER_ERROR, str(e)) self.logger.exception("Internal Server Error") + def _send_basic_headers(self) -> None: + for header, value in self.RESPONSE_HEADERS.items(): + self.send_header(header, value) + class RequestHandler(http.server.SimpleHTTPRequestHandler, BaseHandler): protocol_version = "HTTP/1.1"