Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 49f2e75

Browse files
f0sself0ssel
committed
rip out hsts
1 parent fccf4bb commit 49f2e75

File tree

4 files changed

+18
-105
lines changed

4 files changed

+18
-105
lines changed

cli/start.go

Lines changed: 16 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -47,17 +47,16 @@ func start() *cobra.Command {
4747
dev bool
4848
postgresURL string
4949
// provisionerDaemonCount is a uint8 to ensure a number > 0.
50-
provisionerDaemonCount uint8
51-
tlsCertFile string
52-
tlsClientCAFile string
53-
tlsClientAuth string
54-
tlsEnable bool
55-
tlsKeyFile string
56-
tlsMinVersion string
57-
useTunnel bool
58-
traceDatadog bool
59-
strictTransportSecurity bool
60-
secureAuthCookie bool
50+
provisionerDaemonCount uint8
51+
tlsCertFile string
52+
tlsClientCAFile string
53+
tlsClientAuth string
54+
tlsEnable bool
55+
tlsKeyFile string
56+
tlsMinVersion string
57+
useTunnel bool
58+
traceDatadog bool
59+
secureAuthCookie bool
6160
)
6261
root := &cobra.Command{
6362
Use: "start",
@@ -129,13 +128,12 @@ func start() *cobra.Command {
129128
}
130129
logger := slog.Make(sloghuman.Sink(os.Stderr))
131130
options := &coderd.Options{
132-
AccessURL: accessURLParsed,
133-
Logger: logger.Named("coderd"),
134-
Database: databasefake.New(),
135-
Pubsub: database.NewPubsubInMemory(),
136-
GoogleTokenValidator: validator,
137-
StrictTransportSecurity: strictTransportSecurity,
138-
SecureAuthCookie: secureAuthCookie,
131+
AccessURL: accessURLParsed,
132+
Logger: logger.Named("coderd"),
133+
Database: databasefake.New(),
134+
Pubsub: database.NewPubsubInMemory(),
135+
GoogleTokenValidator: validator,
136+
SecureAuthCookie: secureAuthCookie,
139137
}
140138

141139
if !dev {
@@ -338,7 +336,6 @@ func start() *cobra.Command {
338336
cliflag.BoolVarP(root.Flags(), &useTunnel, "tunnel", "", "CODER_DEV_TUNNEL", true, "Serve dev mode through a Cloudflare Tunnel for easy setup")
339337
_ = root.Flags().MarkHidden("tunnel")
340338
cliflag.BoolVarP(root.Flags(), &traceDatadog, "trace-datadog", "", "CODER_TRACE_DATADOG", false, "Send tracing data to a datadog agent")
341-
cliflag.BoolVarP(root.Flags(), &strictTransportSecurity, "strict-transport-security", "", "CODER_STRICT_TRANSPORT_SECURITY", false, `Specifies if the "strict-transport-security" header is set on http responses`)
342339
cliflag.BoolVarP(root.Flags(), &secureAuthCookie, "secure-auth-cookie", "", "CODER_SECURE_AUTH_COOKIE", false, "Specifies if the 'Secure' property is set on browser session cookies")
343340

344341
return root

coderd/coderd.go

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -30,8 +30,7 @@ type Options struct {
3030
AWSCertificates awsidentity.Certificates
3131
GoogleTokenValidator *idtoken.Validator
3232

33-
StrictTransportSecurity bool
34-
SecureAuthCookie bool
33+
SecureAuthCookie bool
3534
}
3635

3736
// New constructs the Coder API into an HTTP handler.
@@ -48,10 +47,7 @@ func New(options *Options) (http.Handler, func()) {
4847

4948
r := chi.NewRouter()
5049
r.Route("/api/v2", func(r chi.Router) {
51-
r.Use(
52-
chitrace.Middleware(),
53-
httpmw.StrictTransportSecurity(api.StrictTransportSecurity),
54-
)
50+
r.Use(chitrace.Middleware())
5551
r.Get("/", func(w http.ResponseWriter, r *http.Request) {
5652
httpapi.Write(w, http.StatusOK, httpapi.Response{
5753
Message: "👋",

coderd/httpmw/stricttransportsecurity.go

Lines changed: 0 additions & 30 deletions
This file was deleted.

coderd/httpmw/stricttransportsecurity_test.go

Lines changed: 0 additions & 50 deletions
This file was deleted.

0 commit comments

Comments
 (0)