Bump max-age for HSTS
This commit is contained in:
parent
90edf2fc60
commit
734905d1f7
@ -188,7 +188,7 @@ before_all do |env|
|
|||||||
env.response.headers["Referrer-Policy"] = "same-origin"
|
env.response.headers["Referrer-Policy"] = "same-origin"
|
||||||
|
|
||||||
if Kemal.config.ssl || config.https_only
|
if Kemal.config.ssl || config.https_only
|
||||||
env.response.headers["Strict-Transport-Security"] = "max-age=604800; includeSubDomains"
|
env.response.headers["Strict-Transport-Security"] = "max-age=31536000; includeSubDomains; preload"
|
||||||
end
|
end
|
||||||
|
|
||||||
begin
|
begin
|
||||||
@ -5189,7 +5189,7 @@ if Kemal.config.ssl
|
|||||||
redirect_url += "?#{env.request.query}"
|
redirect_url += "?#{env.request.query}"
|
||||||
end
|
end
|
||||||
|
|
||||||
env.response.headers["Strict-Transport-Security"] = "max-age=604800; includeSubDomains"
|
env.response.headers["Strict-Transport-Security"] = "max-age=31536000; includeSubDomains; preload"
|
||||||
env.response.headers["Location"] = redirect_url
|
env.response.headers["Location"] = redirect_url
|
||||||
env.response.status_code = 301
|
env.response.status_code = 301
|
||||||
end
|
end
|
||||||
|
Loading…
Reference in New Issue
Block a user