From 8cf0b75d80a0f119801c6a88b854e0f08ae180c1 Mon Sep 17 00:00:00 2001 From: Steve Kamerman Date: Sat, 1 Oct 2016 11:25:11 -0400 Subject: [PATCH] Updated README with HTTPS_METHOD=nohttps --- README.md | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 52ab6e4..b93078a 100644 --- a/README.md +++ b/README.md @@ -178,12 +178,13 @@ a 503. To serve traffic in both SSL and non-SSL modes without redirecting to SSL, you can include the environment variable `HTTPS_METHOD=noredirect` (the default is `HTTPS_METHOD=redirect`). You can also -disable the non-SSL site entirely with `HTTPS_METHOD=nohttp`. `HTTPS_METHOD` must be specified -on each container for which you want to override the default behavior. If `HTTPS_METHOD=noredirect` is -used, Strict Transport Security (HSTS) is disabled to prevent HTTPS users from being redirected by the -client. If you cannot get to the HTTP site after changing this setting, your browser has probably cached -the HSTS policy and is automatically redirecting you back to HTTPS. You will need to clear your browser's -HSTS cache or use an incognito window / different browser. +disable the non-SSL site entirely with `HTTPS_METHOD=nohttp`, or disable the HTTPS site with +`HTTPS_METHOD=nohttps`. `HTTPS_METHOD` must be specified on each container for which you want to +override the default behavior. If `HTTPS_METHOD=noredirect` is used, Strict Transport Security (HSTS) +is disabled to prevent HTTPS users from being redirected by the client. If you cannot get to the HTTP +site after changing this setting, your browser has probably cached the HSTS policy and is automatically +redirecting you back to HTTPS. You will need to clear your browser's HSTS cache or use an incognito +window / different browser. ### Basic Authentication Support