Surround HSTS header value with "" + add endpoint to openapi.yaml

snowplow · Jan 29, 2024 · f5e9718 · f5e9718
1 parent f55c81e
commit f5e9718
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 4 deletions.
diff --git a/provisioning/resources/configs/openapi.yaml b/provisioning/resources/configs/openapi.yaml
@@ -221,9 +221,18 @@ paths:
           description: "Telemetry has been reconfigured"
         "401":
           description: "Unauthorized"
-
-
-
+  /add-hsts:
+    put:
+      tags:
+      - "configuration"
+      summary: "Add HSTS header"
+      description: "Adds HSTS header to underlying caddy configuration. When added, 'Strict-Transport-Security' header is returned for each HTTPS response"
+      operationId: "addHsts"
+      responses:
+        "200":
+          description: "HSTS header has been added"
+        "401":
+          description: "Unauthorized"
 
   /restart-services:
     put:

diff --git a/provisioning/resources/control-plane/add_hsts_header.go b/provisioning/resources/control-plane/add_hsts_header.go
@@ -31,7 +31,7 @@ func addHstsHeader(configPath string) error {
 		`
       handle @isHttps {
         import handleProtectedPaths
-        header Strict-Transport-Security max-age=31536000; includeSubDomains
+        header Strict-Transport-Security "max-age=31536000; includeSubDomains"
       }
 `
 	newCaddyConfig := strings.Replace(string(currentConfig), toReplacePattern, replaceWithHsts, 1)