Reputation: 1
How to Enable HSTS in Play framework 2.3.x using scala code?
I have a Play Framework 2.3.6 version app running on Sbt, using Sbt SSL endpoint with scala coding...
I would like to see the (hsts)strict transport security response in the headers.
I am trying locally in postman using the URL http ://localhost:9000
How to write the code?
What's the best way to that? for play 2.3
I searched in play blog and understood that Redirection filters are supported on 2.6 and above, but I am using only 2.3.x version.
Is there any best solution provided to test locally in postman using HTTP . so that I can see the hsts headers in the response.
Note : I have HTTP blocked in production mode. I can use only https in production.
Upvotes: 0
Views: 774
Answers (1)
Reputation: 1
Add this line to your application.conf:
play.filters.https.strictTransportSecurity="max-age=31536000; includeSubDomains"
You can use curl request to check the same:
curl -s -D- https://localhost:9000/{{api}} | grep -i Strict
Reference: https://www.namecheap.com/support/knowledgebase/article.aspx/9711/38/how-to-check-if-hsts-is-enabled
Upvotes: 0
Related Questions
- Configuring TheHive with TLS
- Play framework: Why does https url not work on using "sbt dist" command?
- Play Framework REST with basic authentication and SSL
- Configuring Https for play 2.4 in production: Unable to find HTTPS keystore
- SSL handshake with Play having mismatch on hostnames
- How to configure ssl certificate on play framework?
- how to use securesocial in play 2.3.0
- How do i tell the typesafe activator to serve play applications over https?
- Https locally on Linux with Play Framework
- How do I ignore ssl validation in play framework scala ws calls