/// <summary>
        /// Redirects to the specified URL.
        /// </summary>
        /// <param name="response">The response to use for redirection.</param>
        /// <param name="url">The URL to redirect to.</param>
        /// <param name="bypassSecurityWarning">If set to <c>true</c> security warnings will be bypassed.</param>
        public void Redirect(HttpResponseBase response, string url, bool bypassSecurityWarning)
        {
            if (bypassSecurityWarning) {
                Logger.Log("Bypassing security warning via a response header and JavaScript.");

                url = JsEncodeUrl(url);

                // Clear the current response buffer.
                response.Clear();

                // Add a refresh header to the response for the new path.
                response.AddHeader("Refresh", "0;URL=" + url);

                // Also, add JavaScript to replace the current location as backup.
                response.Write("<html><head><title></title>");
                response.Write("<script language=\"javascript\">window.location = '");
                response.Write(url);
                response.Write("';</script>");
                response.Write("</head><body></body></html>");
            } else {
                Logger.Log("Issuing permanent redirect.");

                // Permanent redirect.
                // TODO: Make the status code configurable (i.e. permanent vs. temporary).
                response.StatusCode = 301;
                response.RedirectLocation = url;
            }

            // End the current response.
            response.End();
        }
        public void Enrich(HttpResponseBase response, HttpRequestBase request, ISecurityEvaluator securityEvaluator, Settings settings)
        {
            if (!securityEvaluator.IsSecureConnection(request, settings) || !settings.EnableHsts) {
                return;
            }

            // Add the needed STS header.
            response.AddHeader("Strict-Transport-Security", string.Format("max-age={0:f0}", settings.HstsMaxAge));
        }