Home Verkennen Help
Inloggen
mirrors
/
nginx-proxy
spiegel van https://github.com/nginx-proxy/nginx-proxy.git
2
0
Vork 0
Bestanden
Bladeren bron

Remove includeSubdomains from HSTS header

includeSubdomains can lead to issues where not all subdomains are
able to use HTTPS.  This options might be too strict for the general
case: https://www.owasp.org/index.php/HTTP_Strict_Transport_Security.
It can be re-enabled w/ a custom template if needed.

Fixes #109
Jason Wilder 10 jaren geleden
bovenliggende
879bb59d90
commit
4a99ac5548
1 gewijzigde bestanden met toevoegingen van 1 en 1 verwijderingen
Zij-aan-zij weergave Toon Diff Stats
  1. 1 1
      nginx.tmpl

+ 1 - 1
nginx.tmpl
Bestand weergeven 

@@ -105,7 +105,7 @@ server {
 
 	ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }};
 
 	ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }};
 
 
-	add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
 
+	add_header Strict-Transport-Security "max-age=31536000";
 
 
 	{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
 
 	include {{ printf "/etc/nginx/vhost.d/%s" $host }};