HSTSPolicy#

class HSTSPolicy(**kwargs)#

HSTSPolicy implements HTTP policies, as described by RFC 6797.

domain represents the host that this policy applies to. The domain must be IDNA-canonicalized. new and related methods will do this for you.

max_age contains the ‘max-age’ value from the Strict Transport Security header and indicates the time to live of this policy, in seconds.

expires will be non-None if the policy has been set by the host and hence has an expiry time. If expires is None, it indicates that the policy is a permanent session policy set by the user agent.

If include_subdomains is True, the Strict Transport Security policy must also be enforced on subdomains of domain.

Constructors#

class HSTSPolicy

classmethod new(domain: str, max_age: int, include_subdomains: bool) → HSTSPolicy#

Creates a new HSTSPolicy with the given attributes.

domain is a domain on which the strict transport security policy represented by this object must be enforced.

max_age is used to set the “expires” attribute on the policy; pass HSTS_POLICY_MAX_AGE_PAST for an already-expired policy, or a lifetime in seconds.

If include_subdomains is True, the strict transport security policy must also be enforced on all subdomains of domain.

Parameters:

domain – policy domain or hostname
max_age – max age of the policy
include_subdomains – True if the policy applies on subdomains

classmethod new_from_response(msg: Message) → HSTSPolicy | None#

Parses msg's first “Strict-Transport-Security” response header and returns a HSTSPolicy.

Parameters:: msg – a Message

classmethod new_full(domain: str, max_age: int, expires: DateTime, include_subdomains: bool) → HSTSPolicy#

Full version of new, to use with an existing expiration date.

See new for details.

Parameters:

domain – policy domain or hostname
max_age – max age of the policy
expires – the date of expiration of the policy or None for a permanent policy
include_subdomains – True if the policy applies on subdomains

classmethod new_session_policy(domain: str, include_subdomains: bool) → HSTSPolicy#

Creates a new session HSTSPolicy with the given attributes.

A session policy is a policy that is valid during the lifetime of the HSTSEnforcer it is added to. Contrary to regular policies, it has no expiration date and is not stored in persistent enforcers. These policies are useful for user-agent to load their own or user-defined rules.

domain is a domain on which the strict transport security policy represented by this object must be enforced.

If include_subdomains is True, the strict transport security policy must also be enforced on all subdomains of domain.

Parameters:

domain – policy domain or hostname
include_subdomains – True if the policy applies on sub domains

Methods#

class HSTSPolicy

equal(policy2: HSTSPolicy) → bool#

Tests if policy1 and policy2 are equal.

Parameters:: policy2 – a HSTSPolicy

free() → None#: Frees policy.

get_domain() → str#: Gets policy's domain.

get_expires() → DateTime#: Returns the expiration date for policy.

get_max_age() → int#: Returns the max age for policy.

includes_subdomains() → bool#: Gets whether policy include its subdomains.

is_expired() → bool#

Gets whether policy is expired.

Permanent policies never expire.

is_session_policy() → bool#

Gets whether policy is a non-permanent, non-expirable session policy.

See new_session_policy for details.

HSTSPolicy#

Constructors#

Methods#

This Page