From 91c638f7d30243f0c5c079659bd3bd1d32a7cc7c Mon Sep 17 00:00:00 2001
From: Micah <micah@leap.se>
Date: Mon, 19 Oct 2015 20:57:07 -0400
Subject: change apache header set for HSTS to be always, otherwise it wont be
 set for redirects (#7540)

Change-Id: Ic77c64c03a99dad951f42633de04c352bed17c1e
---
 puppet/modules/site_static/templates/apache.conf.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'puppet/modules/site_static')

diff --git a/puppet/modules/site_static/templates/apache.conf.erb b/puppet/modules/site_static/templates/apache.conf.erb
index 4d61cc08..2853c5c7 100644
--- a/puppet/modules/site_static/templates/apache.conf.erb
+++ b/puppet/modules/site_static/templates/apache.conf.erb
@@ -48,7 +48,7 @@
   Include include.d/ssl_common.inc
   
 <%- if @tls_only -%>
-  Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
+  Header always set Strict-Transport-Security: "max-age=15768000;includeSubdomains"
 <%- end -%>
   Header set X-Frame-Options "deny"
   Header always unset X-Powered-By
-- 
cgit v1.2.3