Skip to content

HSTS Support in VirtualServer CRD #8372

New issue
New issue
Open
Open
HSTS Support in VirtualServer CRD#8372
Labels
backlogPull requests/issues that are backlog itemsproposalAn issue that proposes a feature requestrefinedIssues that are ready to be prioritized
@mkingst

Description

@mkingst
mkingst
opened on Oct 7, 2025

HSTS is not supported with the VirtualServer CRD

The following is a workaround, based on this guide, however this can lead to problems with inheritance and snippets are not the best approach from a validation perspective:

data:
  server-snippets: |
    proxy_hide_header Strict-Transport-Security;
    set $hsts_header_val "";
    if ($scheme = 'https') {
      set $hsts_header_val "max-age=31536000";
    }
    add_header Strict-Transport-Security "$hsts_header_val" always;
    if ($scheme  = 'http') {
      return 302 https://$host$request_uri;
    }

The request is to add HSTS to VirtualServer via policy.

Metadata

Metadata

Assignees

No one assigned

    Labels

    backlogPull requests/issues that are backlog itemsproposalAn issue that proposes a feature requestrefinedIssues that are ready to be prioritized

    Type

    No type

    Projects

    NGINX Ingress Controller

    Status

    Prioritized backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions