nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-21 07:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove includeSubDomains option from HSTS header.

Browse Source
This commit is contained in:
James Valleroy 2013-11-28 02:27:08 +00:00
parent 96310b4366
commit 96f4430513
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
share/apache2/plinth.conf
View File

@ -22,7 +22,7 @@
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
## Use HTTP Strict Transport Security to force client to use secure connections only
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
Header always set Strict-Transport-Security "max-age=31536000"
## Shared options.
ProxyPreserveHost on