Merge pull request #4735 from appwrite/fix-hsts
Enable HSTS for all HTTPS requests
This commit is contained in:
commit
de8552e901
|
@ -223,7 +223,9 @@ App::init()
|
||||||
|
|
||||||
return $response->redirect('https://' . $request->getHostname() . $request->getURI());
|
return $response->redirect('https://' . $request->getHostname() . $request->getURI());
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($request->getProtocol() === 'https') {
|
||||||
$response->addHeader('Strict-Transport-Security', 'max-age=' . (60 * 60 * 24 * 126)); // 126 days
|
$response->addHeader('Strict-Transport-Security', 'max-age=' . (60 * 60 * 24 * 126)); // 126 days
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue