Página Principal Explorar Ajuda
Iniciar Sessão
mirrors
/
nginx-proxy
mirror de https://github.com/nginx-proxy/nginx-proxy.git
2
0
Fork 0
Ficheiros
Ver Fonte

Remove includeSubdomains from HSTS header

includeSubdomains can lead to issues where not all subdomains are
able to use HTTPS.  This options might be too strict for the general
case: https://www.owasp.org/index.php/HTTP_Strict_Transport_Security.
It can be re-enabled w/ a custom template if needed.

Fixes #109
Jason Wilder há 10 anos atrás
pai
879bb59d90
commit
4a99ac5548
1 ficheiros alterados com 1 adições e 1 exclusões
Visão Dividida Mostrar Estatísticas Diff
  1. 1 1
      nginx.tmpl

+ 1 - 1
nginx.tmpl
Ver Ficheiro 

@@ -105,7 +105,7 @@ server {
 
 	ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }};
 
 	ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }};
 
 
-	add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
 
+	add_header Strict-Transport-Security "max-age=31536000";
 
 
 	{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
 
 	include {{ printf "/etc/nginx/vhost.d/%s" $host }};