Add preload support to Strict-Transport-Security #6321
Conversation
|
Pull request for github issue: |
|
@ankurpathak |
|
@OArtyomov Nope. I provided support for Java Config. |
ankurpathak
force-pushed
the
gh-6312-fix
branch
from
0ebcfaa to
7297d14
Compare
@OArtyomov I added xml support for it as well. |
ankurpathak
force-pushed
the
gh-6312-fix
branch
4 times, most recently
from
2c97d48 to
975726c
Compare
| @@ -142,7 +142,7 @@ public void sizeWhenReadingFilesystemThenIsCorrectNumberOfSchemaFiles() | |||
|
|
|||
| String[] schemas = resource.getFile().getParentFile().list((dir, name) -> name.endsWith(".xsd")); | |||
|
|
|||
| assertThat(schemas.length).isEqualTo(13) | |||
| assertThat(schemas.length).isEqualTo(14) | |||
| .withFailMessage("the count is equal to 12, if not then schemaDocument needs updating"); | |||
| } | |||
There was a problem hiding this comment.
Not sure if the fail message needs updating?
There was a problem hiding this comment.
@rmartinus I think it must be updated to 14. As its reading 14 files and I have added xsd for Spring Security 5.2. I am waitnig for review from @rwinch.
There was a problem hiding this comment.
@ankurpathak yeah, 14 makes sense to me.
There was a problem hiding this comment.
@rmartinus Thanks. Fail message changed to reflect 14.
ankurpathak
force-pushed
the
gh-6312-fix
branch
from
975726c to
abd2702
Compare
There was a problem hiding this comment.
Thanks for the PR @ankurpathak! Overall the code looks good. Can you please add documentation? I'd also like a link to how user's are able to add their site to be preloaded and the recommended process for adding the preload flag. The site https://hstspreload.org is a good start for external links.
|
I have already provided documentation for methods. Also added link to hstspreoad.org for additional details. |
ankurpathak
force-pushed
the
gh-6312-fix
branch
2 times, most recently
from
6b8be5f to
ff4a58d
Compare
|
@ankurpathak Sorry that I was not clear. I was speaking in reference to adding documentation at https://github.com/spring-projects/spring-security/blob/0656d2bc052358b2d8fc5fd1be2be682f3e8169e/docs/manual/src/docs/asciidoc/_includes/reactive/headers.adoc#webflux-headers-hsts |
1. Preload support in Servlet Security(XML & Java) 2. Preload support in Reactive Security 3. Test for preload support in Servlet Security 4. Test for preload support in Reactive Security Fixes: spring-projectsgh-6312
ankurpathak
force-pushed
the
gh-6312-fix
branch
from
ff4a58d to
3fcc95d
Compare
|
Documention done for both servlet and reactive part both in headers.adoc file. |
|
Thanks @ankurpathak! This is now merged into master |
rwinch
added
status: duplicate
Fixes: gh-6312