From 8825f936efcf05d1b8382fcdb2d528ff7c3ff933 Mon Sep 17 00:00:00 2001
From: Sergio Benitez <sb@sergio.bz>
Date: Tue, 22 Feb 2022 18:07:25 -0800
Subject: [PATCH] Add 'includeSubdomains' in HSTS preload header.

Resolves #2049.
Closes #2050.

Co-authored-by: Soham Roy <sohamroy@sohamroy.me>
---
 core/lib/src/shield/policy.rs | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/core/lib/src/shield/policy.rs b/core/lib/src/shield/policy.rs
index fa2f72a3..54827fbc 100644
--- a/core/lib/src/shield/policy.rs
+++ b/core/lib/src/shield/policy.rs
@@ -284,10 +284,21 @@ pub enum Hsts {
     /// Like [`Hsts::Enable`], but also apply to all of the site's subdomains.
     IncludeSubDomains(Duration),
 
+    /// Send a "preload" HSTS header, which requests inclusion in the HSTS
+    /// preload list. This variant implies [`Hsts::IncludeSubDomains`], which
+    /// implies [`Hsts::Enable`].
+    ///
+    /// The provided `Duration` must be _at least_ 365 days. If the duration
+    /// provided is less than 365 days, the header will be written out with a
+    /// `max-age` of 365 days.
+    ///
+    /// # Details
+    ///
     /// Google maintains an [HSTS preload service] that can be used to prevent
     /// the browser from ever connecting to your site over an insecure
     /// connection. Read more at [MDN]. Don't enable this before you have
-    /// registered your site.
+    /// registered your site and you ensure that it meets the requirements
+    /// specified by the preload service.
     ///
     /// [HSTS preload service]: https://hstspreload.org/
     /// [MDN]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security#Preloading_Strict_Transport_Security
@@ -317,7 +328,12 @@ impl From<&Hsts> for Header<'static> {
             Hsts::IncludeSubDomains(age) => {
                 format!("max-age={}; includeSubDomains", age.whole_seconds())
             }
-            Hsts::Preload(age) => format!("max-age={}; preload", age.whole_seconds()),
+            Hsts::Preload(age) => {
+                // Google says it needs to be >= 365 days for preload list.
+                static YEAR: Duration = Duration::seconds(31536000);
+
+                format!("max-age={}; includeSubDomains; preload", age.max(&YEAR).whole_seconds())
+            }
         };
 
         Header::new(Hsts::NAME, policy_string)