heckyel/gitolite-cgit-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

nginx: remove Strict-Transport-Security

Browse Source 
Strict-Transport-Security is only HTTPS
This commit is contained in:
Jesús 2021-10-25 12:19:32 -05:00
parent 37475fd3b8
commit d28adfa173
No known key found for this signature in database
GPG Key ID: F6EE7BC59A315766
1 changed files with 0 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
gitolite-cgit/entrypoint.sh
View File

@ -329,8 +329,6 @@ EOF
error_log off; error_log off;
# Aditional Security Headers # Aditional Security Headers
# ref: https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
# ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options # ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
add_header X-Frame-Options DENY always; add_header X-Frame-Options DENY always;