internal void SetHstsHeader(HttpResponseBase response, bool isHttps) { if (!isHttps && WebConfig.SecurityHttpHeaders.Hsts.HttpsOnly) { return; } var result = _headerGenerator.CreateHstsResult(WebConfig.SecurityHttpHeaders.Hsts); _headerResultHandler.HandleHeaderResult(response, result); }
internal void SetHstsHeader(IHttpContextWrapper httpContext, bool isHttps, bool upgradeSupported) { if (!isHttps && WebConfig.SecurityHttpHeaders.Hsts.HttpsOnly) { return; } if (!upgradeSupported && WebConfig.SecurityHttpHeaders.Hsts.UpgradeInsecureRequests) { return; } var result = _headerGenerator.CreateHstsResult(WebConfig.SecurityHttpHeaders.Hsts); _headerResultHandler.HandleHeaderResult(httpContext, result); }