HSTS — Aquilia Documentation
Comprehensive guide and documentation for HSTS in the Aquilia framework. View API reference, examples, and implementation patterns.
MIDDLEWARE / HSTS SECURITY HSTSMiddleware The HSTSMiddleware enforces HTTPS-only communication by appending the HTTP Strict Transport Security header to responses. Constructor Configuration The middleware constructor defines HSTS parameters standard across modern web security audits: max_age: int = 31536000 — The number of seconds browsers should remember this domain must only be accessed via HTTPS (defaults to 1 year). include_subdomains: bool = True — Applies the strict HTTPS directive recursively to all subdomains. preload: bool = False — Opts the domain into major browser HSTS preload list registries (e.g. hstspreload.org). Usage Example from aquilia.middleware_ext import HSTSMiddleware from aquilia.workspace import Workspace from aquilia.integrations import MiddlewareChain workspace = Workspace("myapp").middleware( MiddlewareChain().use( "aquilia.middleware_ext.security:HSTSMiddleware", priority=10, max_age=63072000, # 2 years include_subdomains=True, preload=True ) ) Overview )
Go to Homepage