-- Pull in the Traffic Server API.
local TS = require 'ts'

require 'string'
local enable_hsts = true

-- HSTS and SSL check
function check_hsts(request)
    -- Check if we're on HTTPS, otherwise redirect
    url = request:url()
    if not url.scheme == "http" then
        url.scheme = "https"
        request:redirect(url)
        return
    end
    -- If it's on HTTPS, set the HSTS header
    if enable_hsts then
        TS.debug('lua_hsts', "Forcing HSTS to be enabled")
        request.headers['Strict-Transport-Security'] = "max-age=31536000; includeSubDomains"
    end
end