Class HSTSEnforcer

java.lang.Object
org.javagi.base.ProxyInstance
org.gnome.gobject.TypeInstance
org.gnome.gobject.GObject
org.gnome.soup.HSTSEnforcer
All Implemented Interfaces:
SessionFeature, Proxy
Direct Known Subclasses:
HSTSEnforcerDB
@Generated("org.javagi.JavaGI") public class HSTSEnforcer extends GObject implements SessionFeature

Automatic HTTP Strict Transport Security enforcing for Session.

A HSTSEnforcer stores HSTS policies and enforces them when required. HSTSEnforcer implements SessionFeature, so you can add an HSTS enforcer to a session with Session.addFeature(SessionFeature) or Session.addFeatureByType(Type).

HSTSEnforcer keeps track of all the HTTPS destinations that, when connected to, return the Strict-Transport-Security header with valid values. HSTSEnforcer will forget those destinations upon expiry or when the server requests it.

When the Session the HSTSEnforcer is attached to queues or restarts a message, the HSTSEnforcer will rewrite the URI to HTTPS if the destination is a known HSTS host and is contacted over an insecure transport protocol (HTTP). Users of HSTSEnforcer are advised to listen to changes in the Message:uri property in order to be aware of changes in the message URI.

Note that HSTSEnforcer does not support any form of long-term HSTS policy persistence. See HSTSEnforcerDB for a persistent enforcer.

  • Constructor Details

    • HSTSEnforcer

      public HSTSEnforcer(MemorySegment address)
      Create a HSTSEnforcer instance for the provided memory address.
      Parameters:
      address - the memory address of the native object

    • HSTSEnforcer

      public HSTSEnforcer()
      Create a new HSTSEnforcer.

  • Method Details

    • getType

      public static @Nullable Type getType()
      Get the GType of the HSTSEnforcer class.
      Returns:
      the GType

    • getMemoryLayout

      public static MemoryLayout getMemoryLayout()
      The memory layout of the native struct.
      Returns:
      the memory layout

    • asParent

      protected HSTSEnforcer asParent()
      Return this instance as if it were its parent type. Comparable to the Java super keyword, but ensures the parent typeclass is also used in native code.
      Overrides:
      asParent in class GObject
      Returns:
      the instance as if it were its parent type

    • getDomains

      public List<String> getDomains(boolean sessionPolicies)
      Gets a list of domains for which there are policies in enforcer.
      Parameters:
      sessionPolicies - whether to include session policies
      Returns:
      a newly allocated list of domains. Use org.gnome.glib.List.freeFull and GLib#free to free the list.

    • getPolicies

      public List<HSTSPolicy> getPolicies(boolean sessionPolicies)
      Gets a list with the policies in enforcer.
      Parameters:
      sessionPolicies - whether to include session policies
      Returns:
      a newly allocated list of policies. Use org.gnome.glib.List.freeFull and HSTSPolicy.free() to free the list.

    • hasValidPolicy

      public boolean hasValidPolicy(String domain)
      Gets whether this HSTSEnforcer has a currently valid policy for domain.
      Parameters:
      domain - a domain.
      Returns:
      true if access to domain should happen over HTTPS, false otherwise.

    • isPersistent

      public boolean isPersistent()
      Gets whether this HSTSEnforcer stores policies persistenly.
      Returns:
      true if this HSTSEnforcer storage is persistent or false otherwise.

    • setPolicy

      public void setPolicy(HSTSPolicy policy)

      Sets policy to hstsEnforcer.

      If policy is expired, any existing HSTS policy for its host will be removed instead. If a policy existed for this host, it will be replaced. Otherwise, the new policy will be inserted. If the policy is a session policy, that is, one created with HSTSPolicy.sessionPolicy(String, boolean), the policy will not expire and will be enforced during the lifetime of hstsEnforcer's Session.

      Parameters:
      policy - the policy of the HSTS host

    • setSessionPolicy

      public void setSessionPolicy(String domain, boolean includeSubdomains)

      Sets a session policy for domain.

      A session policy is a policy that is permanent to the lifetime of hstsEnforcer's Session and doesn't expire.

      Parameters:
      domain - policy domain or hostname
      includeSubdomains - true if the policy applies on sub domains

    • changed

      protected void changed(HSTSPolicy oldPolicy, HSTSPolicy newPolicy)
      The class closure for the HSTSEnforcer::changed signal.

    • onChanged

      public SignalConnection<HSTSEnforcer.ChangedCallback> onChanged(HSTSEnforcer.ChangedCallback handler)

      Emitted when hstsEnforcer changes.

      If a policy has been added, newPolicy will contain the newly-added policy and oldPolicy will be null. If a policy has been deleted, oldPolicy will contain the to-be-deleted policy and newPolicy will be null. If a policy has been changed, oldPolicy will contain its old value, and newPolicy its new value.

      Note that you shouldn't modify the policies from a callback to this signal.

      Parameters:
      handler - the signal handler
      Returns:
      a signal handler ID to keep track of the signal connection
      See Also:

    • emitChanged

      public void emitChanged(@Nullable HSTSPolicy oldPolicy, @Nullable HSTSPolicy newPolicy)
      Emits the "changed" signal. See onChanged(HSTSEnforcer.ChangedCallback).

    • builder

      public static HSTSEnforcer.Builder<? extends HSTSEnforcer.Builder> builder()
      A HSTSEnforcer.Builder object constructs a HSTSEnforcer with the specified properties. Use the various set...() methods to set properties, and finish construction with HSTSEnforcer.Builder.build().
      Returns:
      the builder object