Add preload directive to HSTS header

jdno · jdno · commit b459a9230cf6 · 2023-03-27T17:12:42.000+02:00
The preload directive has been added to the Strict-Transport-Security
header to enable HSTS preloading.
diff --git a/www/website_config.json b/www/website_config.json
@@ -1,6 +1,6 @@
 {
     "headers": {
-        "Strict-Transport-Security": "max-age=63072000; includeSubDomains",
+        "Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload",
         "X-Content-Type-Options": "nosniff",
         "X-Frame-Options": "DENY",
         "X-XSS-Protection": "1; mode=block",

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"headers": {`
`3`		`- "Strict-Transport-Security": "max-age=63072000; includeSubDomains",`
	`3`	`+ "Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload",`
`4`	`4`	`"X-Content-Type-Options": "nosniff",`
`5`	`5`	`"X-Frame-Options": "DENY",`
`6`	`6`	`"X-XSS-Protection": "1; mode=block",`