This repository has been archived on 2024-07-22. You can view files and clone it, but cannot push or open issues or pull requests.
mastodon/dist
Peter Dave Hello a2afcac7d9
Make sure nginx always send HSTS header (#16633)
By default, it'll only send those headers when the response code is one of the following:
- 200, 201, 204, 206, 301, 302, 303, 304, 307 & 308

As all the traffics should be https, the http protocol only exists to do 301 redirect,
and always send the HSTS header is almost one of the best practices, we should set
nginx to do so.

Reference:
- https://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header
- https://ssl-config.mozilla.org/
2021-08-20 10:54:11 +01:00
..
mastodon-sidekiq.service
mastodon-streaming.service
mastodon-web.service
nginx.conf Make sure nginx always send HSTS header (#16633) 2021-08-20 10:54:11 +01:00