def _set_http_header(self, domain, header_substring): """Enables header identified by header_substring on domain. If the vhost is listening plaintextishly, separates out the relevant directives into a new server block, and only add header directive to HTTPS block. :param str domain: the domain to enable header for. :param str header_substring: String to uniquely identify a header. e.g. Strict-Transport-Security, Upgrade-Insecure-Requests :returns: Success :raises .errors.PluginError: If no viable HTTPS host can be created or set with header header_substring. """ vhosts = self.choose_vhosts(domain) if not vhosts: raise errors.PluginError( "Unable to find corresponding HTTPS host for enhancement.") for vhost in vhosts: if vhost.has_header(header_substring): raise errors.PluginEnhancementAlreadyPresent( "Existing %s header" % (header_substring)) # if there is no separate SSL block, break the block into two and # choose the SSL block. if vhost.ssl and any([not addr.ssl for addr in vhost.addrs]): _, vhost = self._split_block(vhost) header_directives = [ ['\n ', 'add_header', ' ', header_substring, ' '] + constants.HEADER_ARGS[header_substring], ['\n']] self.parser.add_server_directives(vhost, header_directives, replace=False)
def _test_with_already_existing(self): self.client.installer = mock.MagicMock() self.client.installer.supported_enhancements.return_value = [ "ensure-http-header", "redirect", "staple-ocsp" ] self.client.installer.enhance.side_effect = errors.PluginEnhancementAlreadyPresent( ) self.client.enhance_config([self.domain], None)