Closed chunkybanana closed 3 years ago
Thanks for reporting. Will fix this right away.
The bug was introduced about an hour ago. Just released a patch. Thanks again for reporting this. Very much appreciated.
Thanks! May I ask - what was causing this?
We have added a flag for setting Strict-Transport-Security
in the upcoming release of surge
. You set it by running surge config example.com --hsts 60
. The bug was caused by the header being set to null
instead of ignoring the property when it isn't present.
Ok, thanks!
I wasn't sure where to put this, as there's no repo for the surge backend.
I'm not sure when exactly this started, but whenever GETting a resource I get the error
Strict-Transport-Security: The site specified a header that included an invalid ‘max-age’ directive.
Further investigation reveals that this value is null. Is this important and if so, can it be fixed?