Inicio Explorar Axuda
Iniciar sesión
mirrors
/
nginx-proxy
réplica de https://github.com/nginx-proxy/nginx-proxy.git
2
0
Fork 0
Ficheiros
Explorar o código

Remove includeSubdomains from HSTS header

includeSubdomains can lead to issues where not all subdomains are
able to use HTTPS.  This options might be too strict for the general
case: https://www.owasp.org/index.php/HTTP_Strict_Transport_Security.
It can be re-enabled w/ a custom template if needed.

Fixes #109
Jason Wilder %!s(int64=10) %!d(string=hai) anos
pai
879bb59d90
achega
4a99ac5548
Modificáronse 1 ficheiros con 1 adicións e 1 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 1 1
      nginx.tmpl

+ 1 - 1
nginx.tmpl
Ver ficheiro 

@@ -105,7 +105,7 @@ server {
 
 	ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }};
 
 	ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }};
 
 
-	add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
 
+	add_header Strict-Transport-Security "max-age=31536000";
 
 
 	{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
 
 	include {{ printf "/etc/nginx/vhost.d/%s" $host }};