diff options
author | Micah <micah@leap.se> | 2015-10-19 20:57:07 -0400 |
---|---|---|
committer | Micah <micah@leap.se> | 2015-10-19 20:59:04 -0400 |
commit | 91c638f7d30243f0c5c079659bd3bd1d32a7cc7c (patch) | |
tree | 25b162225b91e7e4db3f38817b9f3183861ae15a /puppet/modules/site_static/templates | |
parent | add63156286e3b89ae38b8f6975e84817f772373 (diff) |
change apache header set for HSTS to be always, otherwise it wont be set for redirects (#7540)
Change-Id: Ic77c64c03a99dad951f42633de04c352bed17c1e
Diffstat (limited to 'puppet/modules/site_static/templates')
-rw-r--r-- | puppet/modules/site_static/templates/apache.conf.erb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/puppet/modules/site_static/templates/apache.conf.erb b/puppet/modules/site_static/templates/apache.conf.erb index 4d61cc08..2853c5c7 100644 --- a/puppet/modules/site_static/templates/apache.conf.erb +++ b/puppet/modules/site_static/templates/apache.conf.erb @@ -48,7 +48,7 @@ Include include.d/ssl_common.inc <%- if @tls_only -%> - Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains" + Header always set Strict-Transport-Security: "max-age=15768000;includeSubdomains" <%- end -%> Header set X-Frame-Options "deny" Header always unset X-Powered-By |