public function HstsSubscriber::onRespond in HTTP Strict Transport Security 8
Sets the header in all responses to include the HSTS max-age value.
Parameters
Symfony\Component\HttpKernel\Event\FilterResponseEvent $event: The event to process.
File
- src/
HstsSubscriber.php, line 43 - Contains \Drupal\hsts\HstsSubscriber.
Class
- HstsSubscriber
- Subscribes to the kernel request event to add HAL media types.
Namespace
Drupal\hstsCode
public function onRespond(FilterResponseEvent $event) {
if (!$this->config
->get('enabled')) {
return;
}
// Add the max age header.
$header = 'max-age=' . (int) $this->config
->get('max_age');
if ($this->config
->get('subdomains')) {
// Include subdomains
$header .= '; includeSubDomains';
}
if ($this->config
->get('preload')) {
// Add preload directive.
$header .= '; preload';
}
// Add the header.
$event
->getResponse()->headers
->set('Strict-Transport-Security', $header);
}