feat(utils): add preset for recommended sts value

README.md

@@ -3,7 +3,7 @@
 [![deno land](http://img.shields.io/badge/available%20on-deno.land/x-lightgrey.svg?logo=deno)](https://deno.land/x/hsts_middleware)
 [![deno doc](https://doc.deno.land/badge.svg)](https://doc.deno.land/https/deno.land/x/hsts_middleware/mod.ts)
 [![GitHub release (latest by date)](https://img.shields.io/github/v/release/httpland/hsts-middleware)](https://github.com/httpland/hsts-middleware/releases)
-[![codecov](https://codecov.io/github/httpland/hsts-middleware/branch/main/graph/badge.svg)](https://codecov.io/gh/httpland/hsts-middleware)
+[![codecov](https://codecov.io/gh/httpland/hsts-middleware/branch/main/graph/badge.svg?token=ERELj74qaQ)](https://codecov.io/gh/httpland/hsts-middleware)
 [![GitHub](https://img.shields.io/github/license/httpland/hsts-middleware)](https://github.com/httpland/hsts-middleware/blob/main/LICENSE)
 
 [![test](https://github.com/httpland/hsts-middleware/actions/workflows/test.yaml/badge.svg)](https://github.com/httpland/hsts-middleware/actions/workflows/test.yaml)
@@ -98,6 +98,25 @@ import { assertThrows } from "https://deno.land/std/testing/asserts.ts";
 assertThrows(() => hsts({ maxAge: NaN }));
 ```
 
+## Preset
+
+STS presets are provided. It is value recommended by several hosts.
+
+- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html)
+- [mozilla](https://infosec.mozilla.org/guidelines/web_security#http-strict-transport-security)
+
+```ts
+import { hsts, STS } from "https://deno.land/x/hsts_middleware@$VERSION/mod.ts";
+
+const middleware = hsts(STS);
+```
+
+yield:
+
+```http
+Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
+```
+
 ## Effects
 
 Middleware may make changes to the following elements of the HTTP message.

mod.ts

@@ -3,3 +3,4 @@
 
 export { hsts } from "./middleware.ts";
 export { type Middleware, type StrictTransportSecurity } from "./deps.ts";
+export { STS } from "./utils.ts";

utils.ts

@@ -0,0 +1,20 @@
+// Copyright 2023-latest the httpland authors. All rights reserved. MIT license.
+// This module is browser compatible.
+
+import { StrictTransportSecurity } from "./deps.ts";
+
+/** Recommended {@link StrictTransportSecurity}.
+ * The following hosts are recommended.
+ * - [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html)
+ * - [mozilla](https://infosec.mozilla.org/guidelines/web_security#http-strict-transport-security)
+ *
+ * @example
+ * ```http
+ * Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
+ * ```
+ */
+export const STS: StrictTransportSecurity = {
+  maxAge: 60 * 60 * 24 * 365 * 2,
+  includeSubDomains: true,
+  preload: true,
+};

utils_test.ts

@@ -0,0 +1,12 @@
+import { STS } from "./utils.ts";
+import { assertEquals, describe, it } from "./_dev_deps.ts";
+
+describe("STS", () => {
+  it("should return true", () => {
+    assertEquals(STS, {
+      maxAge: 63072000,
+      preload: true,
+      includeSubDomains: true,
+    });
+  });
+});