Merge pull request #389 from timlrx/hsts

exclude preload from hsts header
This commit is contained in:
Timothy
2022-02-13 23:32:27 +08:00
committed by GitHub

View File

@ -43,7 +43,7 @@ const securityHeaders = [
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
{
key: 'Strict-Transport-Security',
value: 'max-age=31536000; includeSubDomains; preload',
value: 'max-age=31536000; includeSubDomains',
},
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy
{