From 96f44305136df69f63a43ceba4f325eba5afa6ea Mon Sep 17 00:00:00 2001
From: James Valleroy <james.valleroy@gmail.com>
Date: Thu, 28 Nov 2013 02:27:08 +0000
Subject: [PATCH] Remove includeSubDomains option from HSTS header.

---
 share/apache2/plinth.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/share/apache2/plinth.conf b/share/apache2/plinth.conf
index 5edd6eea6..b489beb87 100644
--- a/share/apache2/plinth.conf
+++ b/share/apache2/plinth.conf
@@ -22,7 +22,7 @@
     SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
 
     ## Use HTTP Strict Transport Security to force client to use secure connections only
-    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
+    Header always set Strict-Transport-Security "max-age=31536000"
 
     ## Shared options.
     ProxyPreserveHost on