sintaxi / surge

CLI for the surge.sh CDN
https://surge.sh

Mis-sending max-age header for HSTS #437

Closed chunkybanana closed 3 years ago

chunkybanana commented 3 years ago

I wasn't sure where to put this, as there's no repo for the surge backend.

I'm not sure when exactly this started, but whenever GETting a resource I get the error "Strict-Transport-Security: The site specified a header that included an invalid ‘max-age’ directive." Further investigation reveals that this value is null. Is this important and if so, can it be fixed?

sintaxi commented 3 years ago

Thanks for reporting. Will fix this right away.

sintaxi commented 3 years ago

The bug was introduced about an hour ago. Just released a patch. Thanks again for reporting this. Very much appreciated.

chunkybanana commented 3 years ago

Thanks! May I ask - what was causing this?

sintaxi commented 3 years ago

We have added a flag for setting Strict-Transport-Security in the upcoming release of surge. You set it by running `surge config example.com --hsts 60`. The bug was caused by the header being set to null instead of ignoring the property when it isn't present.

chunkybanana commented 3 years ago

Ok, thanks!
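
Added example, not surge's code and not written by anyone in this thread: a sketch of the failure mode described in the maintainer's explanation (the header emitted with a null value when no HSTS setting exists) beside the omit-when-unset form, plus a check of the `max-age` syntax from RFC 6797. The config shape `{ hsts: <seconds> }` and all function names are assumptions.

```javascript
// Hypothetical per-domain config: { hsts: <max-age in seconds> }, or no hsts key.

// Failure mode: the header is always emitted, so an unset value is
// stringified and clients receive "max-age=null".
function hstsHeadersBuggy(config) {
  return { "Strict-Transport-Security": `max-age=${config.hsts ?? null}` };
}

// Accept a non-negative integer, or a digit string as a CLI flag would supply.
// Returns null for anything else. 0 is valid and tells clients to drop the policy.
function parseMaxAge(value) {
  if (typeof value === "number") {
    return Number.isInteger(value) && value >= 0 ? value : null;
  }
  if (typeof value === "string" && /^\d+$/.test(value)) return Number(value);
  return null;
}

// Corrected form: omit the header entirely when there is no usable value.
function hstsHeaders(config) {
  const headers = {};
  const maxAge = parseMaxAge(config.hsts);
  if (maxAge !== null) {
    headers["Strict-Transport-Security"] = `max-age=${maxAge}`;
  }
  return headers;
}

// Response-side check: exactly one max-age directive whose value is
// digits only, optionally quoted (RFC 6797 section 6.1).
function validHstsValue(value) {
  if (typeof value !== "string") return false;
  const directives = value.split(";").map((d) => d.trim()).filter(Boolean);
  const maxAge = directives.filter((d) => /^max-age\s*=/i.test(d));
  return maxAge.length === 1 && /^max-age\s*=\s*("?)\d+\1$/i.test(maxAge[0]);
}

// Constructed sample configs: one without the setting, one with it.
for (const config of [{}, { hsts: 60 }]) {
  const buggy = hstsHeadersBuggy(config)["Strict-Transport-Security"];
  console.log(JSON.stringify(config), "buggy:", buggy, "valid:", validHstsValue(buggy),
    "fixed:", JSON.stringify(hstsHeaders(config)));
}
```

A check like `validHstsValue` can run in a deployment smoke test against the live response headers, which would catch this class of regression before a browser console does.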