https

v0.0.0-...-9734048
Warning

This package is not in the latest version of its module.

Published: Nov 3, 2024 License: BSD-2-Clause Imports: 9 Imported by: 1

README

Go HTTPS

This is work-in-progress.

Package https wraps Go's package http and ensures connections are secure and use up-to-date transports.

Currently, a simple client is provided. It limits the client to a few safe ciphers and encourages the use of stronger elliptic curves first. It also ensures that requests are always HTTPS and that they are never redirected to plain HTTP.

To instantiate a new HTTPS client:

client := https.NewClient()
// Use it as you would use http.Client.
resp, err := client.Get("https://example.com")

To start a new HTTPS server:

// Register some handlers:
mux := http.NewServeMux()
mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
	w.Write([]byte("Hello world"))
})

// Secure it with a TLS certificate using Let's Encrypt:
m := autocert.Manager{
	Prompt:     autocert.AcceptTOS,
	Cache:      autocert.DirCache("/etc/acme-cache/"),
	Email:      "me@example.com",
	HostPolicy: autocert.HostWhitelist("example.com"),
}

// Start a secure server. StartSecureServer takes the *autocert.Manager
// itself (see its signature below), not the GetCertificate method.
https.StartSecureServer(mux, &m)

TODOs

  1. provide a list of trustworthy root CAs (with proven certificate transparency logs).

Documentation

Overview

Package https wraps package http and ensures connections are secure and use up-to-date transports.

Functions

func NewHSTS

func NewHSTS(h http.Handler) http.Handler

NewHSTS returns an HTTP handler that sets HSTS headers on all requests.

func NewSecureServer

func NewSecureServer(m *autocert.Manager) *http.Server

NewSecureServer returns a new HTTP server with strict security settings.

func StartSecureServer

func StartSecureServer(h http.Handler, m *autocert.Manager)

StartSecureServer starts an HTTPS server with a Handler and an autocert manager. The HTTPS server it starts enables HSTS by default to ensure maximum protection (see https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet). StartSecureServer also starts an HTTP server that redirects all requests to their HTTPS counterpart and immediately terminates all connections.

Types

type Client

type Client struct {
	*http.Client
}

Client wraps an http.Client and ensures all connections are HTTPS and on the most recent TLS version with strong ciphers.

func NewClient

func NewClient() *Client

NewClient creates a new HTTPS client.

func (*Client) Do

func (c *Client) Do(req *http.Request) (*http.Response, error)

Do overrides http.Client.Do. We just ensure the request is an HTTPS request.

func (*Client) Get

func (c *Client) Get(url string) (resp *http.Response, err error)

Get overrides http.Get.

func (*Client) Head

func (c *Client) Head(url string) (resp *http.Response, err error)

Head overrides http.Head.

func (*Client) Post

func (c *Client) Post(url string, bodyType string, body io.Reader) (resp *http.Response, err error)

Post overrides http.Post.

func (*Client) PostForm

func (c *Client) PostForm(url string, data url.Values) (resp *http.Response, err error)

PostForm overrides http.PostForm.
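
Why a wrapper like Client has to override Get, Head, Post and PostForm as well as Do, shown as an added example that is not this package's own code: methods promoted from an embedded *http.Client call http.Client.Do directly, so a scheme check placed only in the wrapper's Do would be skipped. The names httpsClient, newHTTPSClient, httpsOnlyRedirect and errNotHTTPS are hypothetical, and the TLS 1.2 minimum is an assumption, since the page does not state the package's actual TLS settings.

```go
package main

import (
	"crypto/tls"
	"errors"
	"fmt"
	"net/http"
)

var errNotHTTPS = errors.New("refusing non-HTTPS URL")

// httpsOnlyRedirect is a CheckRedirect policy: no hop may leave HTTPS.
func httpsOnlyRedirect(req *http.Request, via []*http.Request) error {
	if req.URL.Scheme != "https" {
		return fmt.Errorf("%w: redirect to %s", errNotHTTPS, req.URL)
	}
	if len(via) >= 10 { // keep net/http's default hop limit
		return errors.New("stopped after 10 redirects")
	}
	return nil
}

type httpsClient struct{ *http.Client } // hypothetical stand-in for the package's Client

func newHTTPSClient() *httpsClient {
	tr := &http.Transport{TLSClientConfig: &tls.Config{MinVersion: tls.VersionTLS12}} // assumed minimum
	return &httpsClient{&http.Client{Transport: tr, CheckRedirect: httpsOnlyRedirect}}
}

func (c *httpsClient) Do(req *http.Request) (*http.Response, error) {
	if req.URL == nil || req.URL.Scheme != "https" { // refuse before any network I/O
		return nil, fmt.Errorf("%w: %v", errNotHTTPS, req.URL)
	}
	return c.Client.Do(req)
}

// Get must be shadowed too; the promoted http.Client.Get would bypass the check in Do.
func (c *httpsClient) Get(url string) (*http.Response, error) {
	req, err := http.NewRequest(http.MethodGet, url, nil)
	if err != nil {
		return nil, err
	}
	return c.Do(req)
}

func main() {
	_, err := newHTTPSClient().Get("http://example.com/") // constructed URL, refused offline
	fmt.Println(err)
}
```

Head, Post and PostForm need the same treatment as Get; they are omitted here for length.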
