mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-11-22 01:36:29 -05:00
refactor: remove HstsConfig
This config object was originally ported from the HD1 config, but is not required anymore. HD2 does not support handling TLS anymore, so it does not make sense for it to set TLS-related headers. The reverse proxy terminating TLS can easily set HSTS headers. Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
parent
bf3e7e1f44
commit
0693812e8b
3 changed files with 0 additions and 57 deletions
|
@ -20,7 +20,6 @@ import cspConfig from './config/csp.config';
|
||||||
import customizationConfig from './config/customization.config';
|
import customizationConfig from './config/customization.config';
|
||||||
import databaseConfig, { DatabaseConfig } from './config/database.config';
|
import databaseConfig, { DatabaseConfig } from './config/database.config';
|
||||||
import externalConfig from './config/external-services.config';
|
import externalConfig from './config/external-services.config';
|
||||||
import hstsConfig from './config/hsts.config';
|
|
||||||
import mediaConfig from './config/media.config';
|
import mediaConfig from './config/media.config';
|
||||||
import noteConfig from './config/note.config';
|
import noteConfig from './config/note.config';
|
||||||
import { eventModuleConfig } from './events';
|
import { eventModuleConfig } from './events';
|
||||||
|
@ -80,7 +79,6 @@ const routes: Routes = [
|
||||||
appConfig,
|
appConfig,
|
||||||
noteConfig,
|
noteConfig,
|
||||||
mediaConfig,
|
mediaConfig,
|
||||||
hstsConfig,
|
|
||||||
cspConfig,
|
cspConfig,
|
||||||
databaseConfig,
|
databaseConfig,
|
||||||
authConfig,
|
authConfig,
|
||||||
|
|
|
@ -1,51 +0,0 @@
|
||||||
/*
|
|
||||||
* SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file)
|
|
||||||
*
|
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
|
||||||
*/
|
|
||||||
import { registerAs } from '@nestjs/config';
|
|
||||||
import * as Joi from 'joi';
|
|
||||||
|
|
||||||
import { buildErrorMessage, parseOptionalNumber } from './utils';
|
|
||||||
|
|
||||||
export interface HstsConfig {
|
|
||||||
enable: boolean;
|
|
||||||
maxAgeSeconds: number;
|
|
||||||
includeSubdomains: boolean;
|
|
||||||
preload: boolean;
|
|
||||||
}
|
|
||||||
|
|
||||||
const hstsSchema = Joi.object({
|
|
||||||
enable: Joi.boolean().default(true).optional().label('HD_HSTS_ENABLE'),
|
|
||||||
maxAgeSeconds: Joi.number()
|
|
||||||
.default(60 * 60 * 24 * 365)
|
|
||||||
.optional()
|
|
||||||
.label('HD_HSTS_MAX_AGE'),
|
|
||||||
includeSubdomains: Joi.boolean()
|
|
||||||
.default(true)
|
|
||||||
.optional()
|
|
||||||
.label('HD_HSTS_INCLUDE_SUBDOMAINS'),
|
|
||||||
preload: Joi.boolean().default(true).optional().label('HD_HSTS_PRELOAD'),
|
|
||||||
});
|
|
||||||
|
|
||||||
export default registerAs('hstsConfig', () => {
|
|
||||||
const hstsConfig = hstsSchema.validate(
|
|
||||||
{
|
|
||||||
enable: process.env.HD_HSTS_ENABLE,
|
|
||||||
maxAgeSeconds: parseOptionalNumber(process.env.HD_HSTS_MAX_AGE),
|
|
||||||
includeSubdomains: process.env.HD_HSTS_INCLUDE_SUBDOMAINS,
|
|
||||||
preload: process.env.HD_HSTS_PRELOAD,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
abortEarly: false,
|
|
||||||
presence: 'required',
|
|
||||||
},
|
|
||||||
);
|
|
||||||
if (hstsConfig.error) {
|
|
||||||
const errorMessages = hstsConfig.error.details.map(
|
|
||||||
(detail) => detail.message,
|
|
||||||
);
|
|
||||||
throw new Error(buildErrorMessage(errorMessages));
|
|
||||||
}
|
|
||||||
return hstsConfig.value as HstsConfig;
|
|
||||||
});
|
|
|
@ -31,9 +31,6 @@ The config of HedgeDoc is split up into **nine** different modules:
|
||||||
`external-services.config.ts`
|
`external-services.config.ts`
|
||||||
: Which external services are activated and where can they be called
|
: Which external services are activated and where can they be called
|
||||||
|
|
||||||
`hsts.config.ts`
|
|
||||||
: Configuration for [HTTP Strict-Transport-Security][hsts]
|
|
||||||
|
|
||||||
`media.config.ts`
|
`media.config.ts`
|
||||||
: Where media files are being stored
|
: Where media files are being stored
|
||||||
|
|
||||||
|
@ -96,6 +93,5 @@ Some config files also have a `.mock.ts` file which defines the configuration fo
|
||||||
Those files just contain the default export and return the mock config object.
|
Those files just contain the default export and return the mock config object.
|
||||||
|
|
||||||
[csp]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
|
[csp]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
|
||||||
[hsts]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
|
|
||||||
[joi]: https://joi.dev/
|
[joi]: https://joi.dev/
|
||||||
[joi-doc]: https://joi.dev/api
|
[joi-doc]: https://joi.dev/api
|
||||||
|
|
Loading…
Reference in a new issue