Inicio Explorar Ayuda
Iniciar sesión
mirrors
/
nginx-proxy
espejo de https://github.com/nginx-proxy/nginx-proxy.git
2
0
Fork 0
Archivos
Explorar el Código

Remove includeSubdomains from HSTS header

includeSubdomains can lead to issues where not all subdomains are
able to use HTTPS.  This options might be too strict for the general
case: https://www.owasp.org/index.php/HTTP_Strict_Transport_Security.
It can be re-enabled w/ a custom template if needed.

Fixes #109
Jason Wilder hace 10 años
padre
879bb59d90
commit
4a99ac5548
Se han modificado 1 ficheros con 1 adiciones y 1 borrados
Dividir vista Mostrar estadísticas de diff
  1. 1 1
      nginx.tmpl

+ 1 - 1
nginx.tmpl
Ver fichero 

@@ -105,7 +105,7 @@ server {
 
 	ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }};
 
 	ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }};
 
 
-	add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
 
+	add_header Strict-Transport-Security "max-age=31536000";
 
 
 	{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
 
 	include {{ printf "/etc/nginx/vhost.d/%s" $host }};