Add publi key pin backup

This commit is contained in:
Tankred Hase 2016-06-10 18:19:03 +02:00
parent 904a408459
commit f1bf3caa20
3 changed files with 5 additions and 3 deletions


@ -221,6 +221,7 @@ The `config/development.js` file can be used to configure a local development in
* NODE_ENV=production
* UPGRADE_HTTPS=true (upgrade HTTP to HTTPS and use [HSTS](https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security))
* PUBLIC_KEY_PIN=base64_encoded_sha256 (use [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning))
* PUBLIC_KEY_PIN_BACKUP=base64_encoded_sha256
* MONGO_URI=127.0.0.1:27017/test_db
* MONGO_USER=db_user
* MONGO_PASS=db_password


@ -7,7 +7,8 @@ module.exports = {
server: {
port: process.env.PORT || 8888,
upgradeHTTPS: process.env.UPGRADE_HTTPS,
publicKeyPin: process.env.PUBLIC_KEY_PIN
publicKeyPin: process.env.PUBLIC_KEY_PIN,
publicKeyPinBackup: process.env.PUBLIC_KEY_PIN_BACKUP
},
mongo: {


@ -87,8 +87,8 @@ app.use(function *(next) {
if (util.isTrue(config.server.upgradeHTTPS)) {
this.set('Strict-Transport-Security', 'max-age=16070400');
}
if (config.server.publicKeyPin) {
this.set('Public-Key-Pins', 'pin-sha256="' + config.server.publicKeyPin + '"; max-age=16070400');
if (config.server.publicKeyPin && config.server.publicKeyPinBackup) {
this.set('Public-Key-Pins', 'pin-sha256="' + config.server.publicKeyPin + '"; pin-sha256="' + config.server.publicKeyPinBackup + '"; max-age=16070400');
}
this.set('Access-Control-Allow-Origin', '*');
this.set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
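Review bot: The new condition on the `if` in this hunk silently drops the Public-Key-Pins header when only PUBLIC_KEY_PIN is set, whereas before this commit a single pin was enough to emit it, so an existing deployment that has not yet added PUBLIC_KEY_PIN_BACKUP loses pinning with no log line. Requiring two pins is what RFC 7469 asks for (user agents ignore a PKP header with fewer than two pins), so the guard itself is right, but the half-configured state should be visible: `} else if (config.server.publicKeyPin || config.server.publicKeyPinBackup) { console.warn('Public-Key-Pins not sent: PUBLIC_KEY_PIN and PUBLIC_KEY_PIN_BACKUP must both be set'); }`, or better a single check at startup rather than one per request. Both pin values are spliced unvalidated from the environment into the header value, so a value containing `"` or `;` would yield a malformed header; a startup check that each is a base64-encoded 32-byte digest would be cheap. With max-age=16070400 and no report-uri, a mistaken pin locks returning clients out for 186 days, so presumably a Public-Key-Pins-Report-Only rollout is worth documenting next to the new config keys. The enclosing middleware `function *(next)` starts before and continues past this hunk.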