Do not include subtomains in STS header.
This commit is contained in:
parent
b512fbc0ec
commit
8a0bfa4998
|
@ -162,7 +162,7 @@ class ApplicationController < ActionController::Base
|
|||
headers['X-XSS-Protection'] = '1; mode=block'
|
||||
headers['X-UA-Compatible'] = 'IE=edge'
|
||||
headers['X-Content-Type-Options'] = 'nosniff'
|
||||
headers['Strict-Transport-Security'] = 'max-age=31536000; includeSubDomains' if Gitlab.config.gitlab.https
|
||||
headers['Strict-Transport-Security'] = 'max-age=31536000' if Gitlab.config.gitlab.https
|
||||
end
|
||||
|
||||
def add_gon_variables
|
||||
|
|
Loading…
Reference in New Issue