Using Admin Functions
You can enable and configure HSTS headers through certain admin functions:
Use appserver-get-enable-hsts-header to get information about the HSTS header:
xquery version "1.0-ml"; import module namespace admin = "http://marklogic.com/xdmp/admin" at "/MarkLogic/admin.xqy"; let $config := admin:get-configuration() let $groupid := admin:group-get-id($config, "Default") return admin:appserver-get-enable-hsts-header($config, admin:appserver-get-id($config, $groupid, "test"))
Use appserver-get-hsts-header-max-age to get information about the current HSTS header max age amount:
xquery version "1.0-ml"; import module namespace admin = "http://marklogic.com/xdmp/admin" at "/MarkLogic/admin.xqy"; let $config := admin:get-configuration() let $groupid := admin:group-get-id($config, "Default") return admin:appserver-get-hsts-header-max-age($config, admin:appserver-get-id($config, $groupid, "test"))
Use appserver-set-enable-hsts-header to enable HSTS header:
xquery version "1.0-ml"; import module namespace admin = "http://marklogic.com/xdmp/admin" at "/MarkLogic/admin.xqy"; let $config := admin:get-configuration() let $groupid := admin:group-get-id($config, "Default") return admin:appserver-set-enable-hsts-header($config, admin:appserver-get-id($config, $groupid, "test"),true())
Use appserver-set-hsts-header-max-age to set the HSTS max age amount:
xquery version "1.0-ml"; import module namespace admin = "http://marklogic.com/xdmp/admin" at "/MarkLogic/admin.xqy"; let $config := admin:get-configuration() let $groupid := admin:group-get-id($config, "Default") return admin:appserver-set-hsts-header-max-age($config, admin:appserver-get-id($config, $groupid, "test"),31536000)
The max age amount is being set to 31,536,000 or one year.