Include an HSTS header in the 301 redirect from https://libravatar.org
Bug #1355378 reported by
François Marier
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Libravatar (obsolete) |
Confirmed
|
High
|
Unassigned |
Bug Description
As discussed in https:/
Changed in libravatar: | |
assignee: | François Marier (fmarier) → nobody |
To post a comment you must log in.
mod_alias doesn't normally add headers to non-200 response. That's why we'll need to use the "always" condition:
Header always add Strict- Transport- Security: "max-age=15768000"
(via http:// serverfault. com/questions/ 173038/ apache- redirect- and-set- cache-headers# answer- 185191)