diff --git a/src/freenet/clients/http/ToadletContextImpl.java b/src/freenet/clients/http/ToadletContextImpl.java
index 934f806150..9a6ba9fb82 100644
--- a/src/freenet/clients/http/ToadletContextImpl.java
+++ b/src/freenet/clients/http/ToadletContextImpl.java
@@ -204,9 +204,8 @@ public void sendReplyHeadersStatic(int replyCode, String replyDescription, Multi
 @Override
 public void sendReplyHeadersFProxy(int replyCode, String replyDescription, MultiValueTable mvt, String mimeType, long contentLength) throws ToadletContextClosedException, IOException {
- boolean enableJavascript = false;
- if(container.isFProxyWebPushingEnabled() && container.isFProxyJavascriptEnabled())
- enableJavascript = true;
+ boolean enableJavascript;
+ enableJavascript = container.isFProxyWebPushingEnabled() && container.isFProxyJavascriptEnabled();
 sendReplyHeaders(replyCode, replyDescription, mvt, mimeType, contentLength, null, false, true, enableJavascript);
 }
@@ -216,12 +215,11 @@ private void sendReplyHeaders(int replyCode, String replyDescription, MultiValue
 throw new IllegalStateException("Already sent headers!", firstReplySendingException);
 }
 firstReplySendingException = new Exception();
-
- if(replyCookies != null) {
- if (mvt == null) {
- mvt = new MultiValueTable();
- }
-
+
+ if (mvt == null) {
+ mvt = new MultiValueTable();
+ }
+ if (replyCookies != null) {
 // We do NOT use "set-cookie2" even though we should according though RFC2965 - Firefox 3.0.14 ignores it for me!
 for(Cookie cookie : replyCookies) {
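Review bot: The split declaration in sendReplyHeadersFProxy, `boolean enableJavascript;` followed by a separate assignment, adds nothing over a single initialised declaration. Writing `final boolean enableJavascript = container.isFProxyWebPushingEnabled() && container.isFProxyJavascriptEnabled();` keeps the simplification this change is after and also rules out a later reassignment.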
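Review bot: The now-unconditional `mvt = new MultiValueTable();` in sendReplyHeaders is load-bearing for the header code further down in this change, which calls `mvt.containsKey(...)` without a null check, but nothing at this spot says so. A one-line comment such as `// mvt must be non-null from here on: response headers are added to it below` would keep a later cleanup from moving the check back under the cookie branch. Note also that when the caller passes its own table, the headers added below are written into the caller's object; if that is intended it deserves a mention in the method's documentation. The function starts before this hunk and continues past it.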
@@ -231,6 +229,14 @@ private void sendReplyHeaders(int replyCode, String replyDescription, MultiValue
 Logger.minor(this, "set-cookie: " + cookieHeader);
 }
 }
+
+ if (container.isSSL()) {
+ String HSTS = SSL.getHSTSHeader();
+ if (!HSTS.isEmpty() && !mvt.containsKey("strict-transport-security")) {
+ // SSL enabled, set strict-transport-security so that the user agent upgrade future requests to SSL.
+ mvt.put("strict-transport-security", HSTS);
+ }
+ }
 sendReplyHeaders(sockOutputStream, replyCode, replyDescription, mvt, mimeType, contentLength, mTime, shouldDisconnect, enableJavascript, allowFrames);
 }
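Review bot: The duplicate guard `!mvt.containsKey("strict-transport-security")` matches only the exact lowercase key, so if MultiValueTable compares keys case-sensitively (not visible here) a toadlet that already set `Strict-Transport-Security` would get a second, possibly conflicting header; normalising header names before the lookup would close that gap. `SSL.getHSTSHeader()` is dereferenced immediately, so either document it as never returning null or guard with `hstsHeader != null && !hstsHeader.isEmpty()`, which also gives the local a lowerCamelCase name instead of `HSTS`. The comment should also record the operational caveats, for example `// HSTS is keyed on host name, not port: plain-HTTP services on the same host get upgraded too; browsers ignore it for IP-literal hosts and for connections with certificate warnings.` Whether the value carries `includeSubDomains` or a long `max-age` is decided in `SSL.getHSTSHeader()`, which is outside this hunk, and is worth checking against that caveat. The enclosing sendReplyHeaders starts outside the hunk.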