thib8956/nginx-proxy
1
0
Fork 0
mirror of https://github.com/thib8956/nginx-proxy synced 2024-11-22 03:46:29 +00:00
Code Issues Releases Wiki Activity

Remove includeSubdomains from HSTS header

Browse Source 
includeSubdomains can lead to issues where not all subdomains are
able to use HTTPS.  This options might be too strict for the general
case: https://www.owasp.org/index.php/HTTP_Strict_Transport_Security.
It can be re-enabled w/ a custom template if needed.

Fixes #109
This commit is contained in:
Jason Wilder 2015-02-28 15:50:59 -07:00
parent 879bb59d90
commit 4a99ac5548
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nginx.tmpl
View File

@ -105,7 +105,7 @@ server {
ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }};
ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }};
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
add_header Strict-Transport-Security "max-age=31536000";
{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
include {{ printf "/etc/nginx/vhost.d/%s" $host }};