Skip to content

Commit 3536aa8

Browse files
steverstever
committed
HSTS enabled
1 parent 5605124 commit 3536aa8

1 file changed

Lines changed: 2 additions & 2 deletions

File tree

apps/proxy/prod.Caddyfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,8 +25,8 @@
2525
X-XSS-Protection "1; mode=block"
2626
Permissions-Policy "camera=(), microphone=(), geolocation=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=()"
2727

28-
# Strict Transport Security (HSTS) - enable if using HTTPS
29-
# Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
28+
# Strict Transport Security (HSTS)
29+
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
3030

3131
# Production CSP
3232
# Using hash for inline script instead of 'unsafe-inline'

0 commit comments

Comments
 (0)