Closed opi closed 10 years ago
https://github.com/YunoHost/packages/blob/master/yunohost-config-nginx/config/template.conf#L30
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
Because in YNH, any subdomain (ex: mail.example.org) is considered as a separate domain, HSTS directive should not force includeSubdomains.
+1
Kloadut
commented
10 years ago Kloadut
commented
10 years ago
https://github.com/YunoHost/packages/blob/master/yunohost-config-nginx/config/template.conf#L30
Because in YNH, any subdomain (ex: mail.example.org) is considered as a separate domain, HSTS directive should not force includeSubdomains.