Comment 4 for bug 1875750
Revision history for this message
| Kristina Hoeppner (kris-hoeppner) wrote | #4 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
67d34a1
(Get the code!)
If NGinx sets HSTS headers as well, then you can turn the setting off in Mahara:
Log in and go to Admin -> Configure site -> Site options -> Security settings and set "HSTS override" to "Yes"
To verify things are working you should see in the headers
strict-
and not
strict-
strict-